# Okta
Learn how to connect Engini to Okta.

Using Engini's Okta activities, you can:

- Create, update, and get users
- Create, update, and get groups
- Listen to events on users and groups

To get started with the Okta app, create an account at https://login.okta.com/signin/.

## Getting started with Okta

### Prerequisites

- Active Okta account
- Access to Okta's admin area or an active access token

## Connecting Engini to Okta

### Retrieve your Okta access token

If you have already obtained an active Okta access token, jump to the next step.

1. Navigate to the Admin section in the top right corner of your Okta account.
2. In the newly opened tab, navigate to Security > API > Tokens in the left sidebar.
3. If you have already generated your access token, you can copy it from here. If not, you can create a new one.
4. Copy the access token and save it, as you will need it to add the connection to your Okta account in Engini.

### Add a connection to Okta in Engini

1. Enter your Engini account at https://app.engini.io.
2. Navigate to the Connections page by clicking on Connections in the left sidebar.
3. Click on the "New integration" option located at the top.
4. Choose the Okta option from the available applications.
5. Enter the following details in the "Add connection" form:
   - **Connection name**: Enter a unique and descriptive name for this connection. This name will help you easily identify and manage the Okta connection within your Engini account.
   - **URL**: Copy the URL from the address bar of your browser and paste it here.
   - **API key**: Enter the access token you obtained from okta.com.
6. Click the Save button located at the bottom of the form.

Engini will now save this connection and grant access to all the boards you have access to with the provided access token.

Please note that any board created in Okta after saving this connection will not be shown in the board list in Engini activity blocks. To access these new boards using Engini, you will need to refresh your Okta objects in Engini.

Steps to refresh:

1. At the far right of the Okta connection row, click on the three dots to open the options menu.
2. Click on the "Refresh objects" option to refresh the objects associated with this connection.

## Triggers

The trigger is executed automatically in response to a specific event. Every workflow must start with a trigger. You can use triggers like "Check recent event logs" or "Event hook".

### Check recent event logs

This trigger will check the event logs in Okta.

- **Starting (UTC)**: Date and time; specifies when the trigger should start. In this example, it is set to start on August 5, 2024, at 00:00 UTC.
- **Recur every**: Interval; defines how often the trigger should recur. In this case, it is set to recur every 15 minutes.
- **Add time frame**: Allows you to specify a time frame for which the logs should be checked.
- **Add sorting**: Option to sort the event logs based on certain criteria. Use the up (↑) and down (↓) arrows to adjust the priority of the sorting rules if you have multiple sorting criteria.
- **Add conditions**: By adding a condition, the workflow will only execute if the specified condition(s) are met.

### Event hook

The "Event hook" trigger in Okta is used to execute a workflow in response to specific events related to user management in Okta.

- **Event type**: You can select an event type that will trigger the workflow. The available event types in the dropdown menu are:
  - **Activate Okta user**: The workflow is triggered when a user is activated in Okta.
  - **Create Okta user**: The workflow is triggered when a new user is created in Okta.
  - **Deactivate Okta user**: The workflow is triggered when a user is deactivated in Okta.
  - **Delete Okta user completed**: The workflow is triggered when the deletion of a user is completed in Okta.

Example use case: If you select "Create Okta user" as the event type, the workflow will be triggered whenever a new user is created in Okta. This could be useful for automatically setting up new users in other systems, sending welcome emails, or adding them to specific groups.

## Actions

### Activate user

The "Activate user" action is used to change a user's status in Okta from inactive to active. This is typically part of onboarding processes where a newly created user is activated to start using their account.

- **UserId**: This field requires the unique identifier (ID) of the user you want to activate. You need to provide the specific user ID of the Okta user.
- **Sends an activation email to the user if true**: This field is a boolean option (true/false). If set to true, Okta will send an activation email to the user. This email usually contains instructions for the user to complete the activation process, such as setting up a password.

### Add group

The "Add group" action is used to create a new group in Okta. Groups in Okta are used to organize users and apply policies, permissions, and configurations collectively.

- **Add field**: This dropdown allows you to select different fields that define the properties of the group. Once you select a field, you need to provide the corresponding value for that field.

You can fill in the field value using one of the following:

- **Static value**: Enter a number or string (strings must be in single quotes (')).
- **Property value from a previous activity**: Use the tooltip that opens when clicking on the field to select a value from a prior activity.
- **Expression**: Combine functions, previous activity properties, and static values using the tooltip that opens when clicking on the field.

### Add user to group

The "Add user to group" action is used to assign a user to a group in Okta. This can be useful for organizing users into groups that share common access permissions, policies, or roles.

- **GroupId**: This field requires the unique identifier (ID) of the group to which you want to add the user. You need to provide the specific group ID of the Okta group.
- **UserId**: This field requires the unique identifier (ID) of the user you want to add to the group. You need to provide the specific user ID of the Okta user.

### Create group rule

The "Create group rule" action is used to create rules that automatically assign users to groups based on specific criteria. This can help automate group management and ensure users are placed in the correct groups based on attributes such as their department, role, or location.

- **Add field**: This dropdown allows you to select different fields that define the properties of the group. Once you select a field, you need to provide the corresponding value for that field.

You can fill in the field value using one of the following:

- **Static value**: Enter a number or string (strings must be in single quotes (')).
- **Property value from a previous activity**: Use the tooltip that opens when clicking on the field to select a value from a prior activity.
- **Expression**: Combine functions, previous activity properties, and static values using the tooltip that opens when clicking on the field.

### Create user

The "Create user" action is used to add a new user to your Okta organization. This includes setting up the user's profile with essential details such as email, first name, last name, and login information.

- **Profile – Email**: Enter the user's email address. This is typically used as the primary contact method and sometimes as the username.
- **Profile – First name**: Enter the user's first name.
- **Profile – Last name**: Enter the user's last name.
- **Profile – Login**: Enter the user's login name. This is often the same as the email address but can be different depending on your organization's login policies.
- **Add field (if needed)**: This dropdown allows you to select different fields that define the properties of the group. Once you select a field, you need to provide the corresponding value for that field.

You can fill in the field value using one of the following:

- **Static value**: Enter a number or string (strings must be in single quotes (')).
- **Property value from a previous activity**: Use the tooltip that opens when clicking on the field to select a value from a prior activity.
- **Expression**: Combine functions, previous activity properties, and static values using the tooltip that opens when clicking on the field.

### Deactivate user

The "Deactivate user" action is used to change a user's status in Okta from active to deactivated. Deactivating a user prevents them from accessing your organization's resources but retains their profile and associated data for potential reactivation or auditing purposes.

- **UserId**: This field requires the unique identifier (ID) of the user you want to deactivate. You need to provide the specific user ID of the Okta user.
- **Add field (if needed)**: This dropdown allows you to select different fields that define the properties of the group. Once you select a field, you need to provide the corresponding value for that field.

You can fill in the field value using one of the following:

- **Static value**: Enter a number or string (strings must be in single quotes (')).
- **Property value from a previous activity**: Use the tooltip that opens when clicking on the field to select a value from a prior activity.
- **Expression**: Combine functions, previous activity properties, and static values using the tooltip that opens when clicking on the field.

### Delete user

The "Delete user" action is used to permanently delete a user from your Okta organization. This action removes the user and all associated data from Okta, making it irreversible.

- **UserId**: This field requires the unique identifier (ID) of the user you want to delete. You need to provide the specific user ID of the Okta user.
- **Add field (if needed)**: This dropdown allows you to select different fields that define the properties of the group. Once you select a field, you need to provide the corresponding value for that field.

You can fill in the field value using one of the following:

- **Static value**: Enter a number or string (strings must be in single quotes (')).
- **Property value from a previous activity**: Use the tooltip that opens when clicking on the field to select a value from a prior activity.
- **Expression**: Combine functions, previous activity properties, and static values using the tooltip that opens when clicking on the field.

### Get event logs

The "Get event logs" action is used to fetch event logs from Okta. Event logs contain information about various activities and changes within your Okta organization, such as user logins, password changes, and administrative actions.

- **Top N**: In this field, you can specify the total number of entries to retrieve. The default value is often set to a certain number (e.g., 100). You can adjust this to retrieve more or fewer entries as needed.
- **Add filter**: This option allows you to add filters to narrow down the event logs based on specific criteria, such as event type, user ID, version, etc.

You can fill in the field value using one of the following:

- **Static value**: Enter a number or string (strings must be in single quotes (')).
- **Property value from a previous activity**: Use the tooltip that opens when clicking on the field to select a value from a prior activity.
- **Expression**: Combine functions, previous activity properties, and static values using the tooltip that opens when clicking on the field.

- **Add sorting**: This option allows you to define how the retrieved event logs should be sorted. Choose `published` to sort the logs by the timestamp of when the events were logged.

### Get group members

The "Get group members" action is used to fetch the list of users who are members of a specified group in Okta. This can be useful for managing group memberships and understanding which users have access to certain resources or permissions.

- **GroupId**: This field requires the unique identifier (ID) of the group whose members you want to retrieve. You need to provide the specific group ID of the Okta group.

### Get user

The "Get user" action is used to fetch the details of a specific user in Okta. This can include information such as the user's profile details, status, group memberships, and more.

- **UserId**: This field requires the unique identifier (ID) of the user whose details you want to retrieve. You need to provide the specific user ID of the Okta user.

### Get users

The "Get users" action is used to fetch a list of users from your Okta organization. This can include various user details and can be filtered or sorted based on specific criteria.

- **Top N**: In this field, you can specify the total number of entries to retrieve. The default value is often set to a certain number (e.g., 100). You can adjust this to retrieve more or fewer entries as needed.
- **Add filter**: This option allows you to add filters to narrow down the event logs based on specific criteria, such as event type, user ID, version, etc.

You can fill in the field value using one of the following:

- **Static value**: Enter a number or string (strings must be in single quotes (')).
- **Property value from a previous activity**: Use the tooltip that opens when clicking on the field to select a value from a prior activity.
- **Expression**: Combine functions, previous activity properties, and static values using the tooltip that opens when clicking on the field.

- **Add sorting**: This option allows you to define how the retrieved event logs should be sorted. Choose `published` to sort the logs by the timestamp of when the events were logged.

### Remove group

The "Remove group" action is used to permanently delete a group from your Okta organization. This action removes the group and all associated memberships, making it irreversible.

- **GroupId**: This field requires the unique identifier (ID) of the group you want to remove. You need to provide the specific group ID of the Okta group.

### Remove user from group

The "Remove user from group" action is used to disassociate a user from a group in Okta. This action can be part of managing group memberships, ensuring that users are only part of relevant groups.

- **GroupId**: This field requires the unique identifier (ID) of the group from which you want to remove the user. You need to provide the specific group ID of the Okta group.
- **UserId**: This field requires the unique identifier (ID) of the user you want to remove from the group. You need to provide the specific user ID of the Okta user.

### Send API request

The "Send API request" action allows you to send custom HTTP requests to an API endpoint. This can be used to perform a wide range of operations, such as creating, updating, or deleting resources, fetching data, or triggering specific actions.

- **Base URL**: This is the root URL of the API you are interacting with. For Okta, this is typically in the format `https://{youroktadomain}.okta.com`.
- **Relative URL**: This is the specific endpoint path you want to interact with. It is appended to the base URL. For example, to get a list of users, you might use `/api/v1/users`.
- **Method**:
  - **DELETE**: Used to delete a resource from the server.
  - **GET**: Used to retrieve data from the server.
  - **PATCH**: Used to partially update a resource on the server.
  - **POST**: Used to create a new resource on the server.
  - **PUT**: Used to fully update a resource on the server.
- **Body type**: Allows you to specify the content type of the request body.
- **Add headers**: Click Add headers to specify any necessary headers for the request.
- **Add queries**: Click Add queries to include any query parameters needed for the request.

### Update user

The "Update user" action is used to update the profile information of an existing user in Okta. This includes modifying fields such as email, first name, last name, and login.

- **UserId**: This field requires the unique identifier (ID) of the user whose profile you want to update. You need to provide the specific user ID of the Okta user.
- **Profile – Email**: Enter the new email address for the user.
- **Profile – First name**: Enter the new first name for the user.
- **Profile – Last name**: Enter the new last name for the user.
- **Profile – Login**: Enter the new login name for the user.
- **Add field**: This dropdown allows you to select different fields that define the properties of the group. Once you select a field, you need to provide the corresponding value for that field.

You can fill in the field value using one of the following:

- **Static value**: Enter a number or string (strings must be in single quotes (')).
- **Property value from a previous activity**: Use the tooltip that opens when clicking on the field to select a value from a prior activity.
- **Expression**: Combine functions, previous activity properties, and static values using the tooltip that opens when clicking on the field.

### Initialize object array

This activity initializes an object array in Okta and stores a single structured entry based on the selected object type (e.g. allof userschemapropertiesprofileitem, dnsrecords dnsrecord).

- **Variable name**: Enter the name of the variable that will hold the initialized object array. This name will be used throughout the workflow whenever you refer to this object array.
- **Object element type**: This field defines the type of data the array will store, such as allof userschemapropertiesprofileitem and more. The selected type determines the structure of the array and its use in subsequent actions.
- **Add field**: This dropdown allows you to select different fields that define the properties of the group. Once you select a field, you need to provide the corresponding value for that field.

You can fill in the field value using one of the following:

- **Static value**: Enter a number or string (strings must be in single quotes (')).
- **Property value from a previous activity**: Use the tooltip that opens when clicking on the field to select a value from a prior activity.
- **Expression**: Combine functions, previous activity properties, and static values using the tooltip that opens when clicking on the field.
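
The "Check recent event logs" trigger and the "Send API request" action both come down to one authenticated Okta API call. The following added example (not Engini's or Okta's own code) builds that call from a base URL, relative URL, method and queries, rejects a relative URL that would leave the base host, validates event-type values before they enter a filter, and masks the token for logging. It assumes Okta's System Log endpoint `/api/v1/logs` and the `SSWS` authorization scheme; the function names, the `example.okta.com` domain and the token are constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone
from urllib.parse import urlencode, urljoin, urlsplit
from urllib.request import Request

METHODS = {"DELETE", "GET", "PATCH", "POST", "PUT"}  # the methods the page lists
EVENT_TYPE = re.compile(r"[a-z_]+(\.[a-z_]+)+")      # e.g. user.lifecycle.create

def build_request(base_url, relative_url, method, token, queries=None):
    """Join base URL + relative URL and attach the Okta API token header."""
    base = urlsplit(base_url)
    if base.scheme != "https" or not base.hostname or "@" in base.netloc:
        raise ValueError("base URL must be https://<host>")
    if method.upper() not in METHODS:
        raise ValueError("unsupported method")
    if not relative_url.startswith("/") or relative_url.startswith("//"):
        raise ValueError("relative URL must be a path on the base host")
    url = urljoin(f"https://{base.netloc}", relative_url)
    if urlsplit(url).netloc != base.netloc:
        raise ValueError("relative URL escapes the base host")
    if queries:
        url += "?" + urlencode(queries)
    headers = {"Authorization": f"SSWS {token}", "Accept": "application/json"}
    return Request(url, method=method.upper(), headers=headers)

def log_query(start_utc, every_min, run, event_types, top_n=100):
    """System Log query parameters for poll number `run` (0-based)."""
    bad = [t for t in event_types if not EVENT_TYPE.fullmatch(t)]
    if bad:  # values from a previous activity must not alter the filter
        raise ValueError(f"rejected event type value: {bad[0]!r}")
    since = start_utc + timedelta(minutes=every_min * run)
    until = since + timedelta(minutes=every_min)
    fmt = "%Y-%m-%dT%H:%M:%SZ"
    return {"since": since.strftime(fmt), "until": until.strftime(fmt),
            "filter": " or ".join(f'eventType eq "{t}"' for t in event_types),
            "sortOrder": "ASCENDING", "limit": top_n}

def redacted(req):
    """View of the request that is safe to write to a workflow log."""
    hdrs = {k: "SSWS ***" if k.lower() == "authorization" else v
            for k, v in req.header_items()}
    return {"method": req.get_method(), "url": req.full_url, "headers": hdrs}

# Constructed sample: placeholder org domain, fake token, third 15-minute poll.
START = datetime(2024, 8, 5, 0, 0, tzinfo=timezone.utc)
SAMPLE = build_request("https://example.okta.com", "/api/v1/logs", "get",
                       "00-constructed-token",
                       log_query(START, 15, 2, ["user.lifecycle.create",
                                                "user.lifecycle.deactivate"]))
```

`redacted(SAMPLE)` returns the method, full URL and headers with the token replaced by `SSWS ***`; the request object itself is only built here, not sent.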