r6e40 (r6e40) asked a question.
I am working on configuring my first Okta workflow and need some assistance. I’m trying to set up a flow where the workflow will run when a specific custom profile attribute, user.sec_training, is set to "No" in a user's profile. Here's the basic flow I’m trying to implement:
Trigger: The flow should trigger when the user.sec_training attribute is updated to "No" in the user's profile.
Wait: After the trigger, I want to add a 5-minute delay before proceeding.
Assign to Group: After the delay, I want to assign all users whose user.sec_training attribute is set to "No" to a specific Okta group.
This is my first time working with Okta Workflows, so I’d really appreciate it if you could review what I’ve configured so far and provide any tips or suggestions to ensure it works as intended.
So far, I’ve:
Created a User Profile Updated trigger for the workflow.
Tried to reference the user.sec_training attribute, but I’m not sure if I’m accessing it correctly in the workflow.
Added a Wait for action, but I’m unsure how to dynamically assign users who meet the condition to a group after the delay.
Could you please guide me through these steps and let me know if there are any additional configurations or actions I should consider to achieve my goal?
Thank you in advance for your help!
Best regards,
David
I have several Workflows that do different things when user attributes change. Rather than have each parent Workflow use the trigger card "User Okta Profile Updated" I created one main event Workflow that leverages it and passed the output to many different child/helper unrelated Workflows. I then take the "Changed Attributes" output value from that trigger card which is a csv list of attribute names but you treat it as one text string. I pass it to "Text Find" function card as the "look in" input field and then hard code the attribute value I want to find in the "look for" input field. For example if I wanted to know when the first name was changed for a user I would set "firstName" as the "look for" value. That will return a number as the output. I then pass that number output to a "True False Expression" function card with an input value like "position >=0". I take the output of that card and pass it to the "Branching Continue If" function card and check to see if the value is equal to "TRUE". If it is then it tells me the value changed so I then would go back to the trigger card "User Okta Profile Updated" and grab the "ID" value from the "Actor" object. I would then pass the ID to a "Okta Read User" action card making sure to select the attribute I wanted returned so I can then grab that value and pass it to another "Branching Continue If" function card so I could then see if the value was "No" or whatever it is that I wanted to check for.
@r6e40 (r6e40) -- What Matthew indicated is an advanced approach to what you are attempting to do. What I am providing is a simple approach. However, it has a pitfall that Matthew addresses. What often occurs is you will end up with lets say a dozen different attributes you want to monitor for that have had a change. And instead of having a dozen different flows that replicate the same initial logic and cause a bunch of executions you can have a single target and perform logic to determine "Which" attribute changed and follow the logic for that change.
The simple "new to workflows" version of what you are trying to do looks like this: