Setting up Okta Workflows with your Okta WIC/CIS tenant

If you have an Okta Workforce Identity Cloud or Okta Customer Identity Solution tenant, you are eligible for 5 free flows within the Okta Workflows platform.

This article guides you step by step through setting up Okta Workflows with your Okta tenant.

Prerequisites:

  • Okta Workforce Identity Cloud or Okta Customer Identity Solution tenant
  • Okta Workflows Console access
  • Okta Admin access to the Okta Admin Dashboard

As an Okta Administrator, when Okta Workflows is enabled on your tenant you will be automatically assigned to the Workflows Application. Go to your Admin Dashboard and verify you have access to Okta Workflows.

If you do not see the Okta Workflows section in the dashboard, go to Applications.

Within the Applications section, click the “Okta Workflows” application, which provides access to the Okta Workflows Console.

Ensure the relevant users have Okta Workflows Assigned to them.

Back in the menu of your Okta tenant, go to Workflow and select “Workflows console”.

You will now be redirected to the Okta Workflows Console.

By default, Okta Workflows isn’t connected to your Okta tenant, so until you configure a connection it cannot communicate with your Okta tenant.

We will now configure it by going to Connections and creating a new connection:

In the new connection menu, look for Okta and select it.

You will now be asked to enter a number of settings:

Enter your tenant domain as per the example. If you are using a custom domain, we recommend using the original Okta tenant domain for this configuration.

The Client ID and the Client Secret need to be copied from the Okta Dashboard.

Back in the Okta Admin Console, go to Applications.

Then select the

On the Sign On tab, copy the Client ID and the Client Secret.

Also ensure that you are assigned to this app before building the connection.

Go back into your Workflows Console and paste the two values.

At this point, you are all set to leverage the Okta Tenant functions within Okta Workflows.

You can start creating or importing Flows. Visit this page to get template flows that address everyday business use cases.

Troubleshooting:

403 Forbidden: The access token provided does not contain the required scopes

In some cases, you may encounter this error because a required scope has not been granted in the API scopes section of the Workflows app.

Identify which action you are trying to perform so that you grant the right scope. In this example, we are trying to add a user to a group.

Go to the Okta Workflows OAuth application and open the Okta API Scopes tab. Since we are trying to manage groups, look for the scope to manage groups.

Click Grant to grant the scope so that the flow can run successfully.

Please note that the scope won’t apply until you reauthorize the Okta tenant with Okta Workflows.

Go to the Workflows Console, open the Connections tab, and click Reauthorize on your connection.

You will then have to re-enter the connection details as per the previous steps.

You can now go back and test your flow, which should run successfully.
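
The scope check described above can also be done against an export of the app's scope grants, which shows both the scopes a flow is missing and the granted scopes no flow needs. This is an added example, not code from the original article or from Okta; the action names, the action-to-scope mapping, the sample grants, and the `scopeId`/`status` field names are assumptions.

```python
import json

# Illustrative mapping of flow actions to Okta API scopes (assumption; the
# article only covers adding a user to a group, which needs the scope to
# manage groups).
ACTION_SCOPES = {
    "add_user_to_group": {"okta.groups.manage"},
    "read_user": {"okta.users.read"},
    "update_user": {"okta.users.manage"},
}

# Constructed sample shaped like a list of scope grants for the
# Okta Workflows OAuth app (field names scopeId/status are assumed).
SAMPLE_GRANTS = json.loads("""
[
  {"id": "grant-1", "status": "ACTIVE",  "scopeId": "okta.users.read"},
  {"id": "grant-2", "status": "ACTIVE",  "scopeId": "okta.apps.manage"},
  {"id": "grant-3", "status": "REVOKED", "scopeId": "okta.groups.manage"}
]
""")


def active_scopes(grants):
    """Return the set of scopes that have an active grant."""
    return {g["scopeId"] for g in grants if g.get("status") == "ACTIVE"}


def audit(actions, grants):
    """Compare the scopes the flows need with the scopes actually granted."""
    unknown = [a for a in actions if a not in ACTION_SCOPES]
    if unknown:
        raise ValueError(f"no scope mapping for: {unknown}")
    needed = set().union(*(ACTION_SCOPES[a] for a in actions))
    granted = active_scopes(grants)
    return {
        "missing": sorted(needed - granted),  # each of these leads to the 403
        "unused": sorted(granted - needed),   # candidates to revoke
    }


def next_step(action, grants):
    """Suggest the fix for a 403 on a single flow action."""
    missing = ACTION_SCOPES[action] - active_scopes(grants)
    if missing:
        return "grant " + ", ".join(sorted(missing)) + ", then reauthorize"
    return "scope already granted: reauthorize the connection"


if __name__ == "__main__":
    print(audit(["add_user_to_group", "read_user"], SAMPLE_GRANTS))
    print(next_step("add_user_to_group", SAMPLE_GRANTS))
```

Granting only the scopes reported as missing, and revoking those reported as unused, keeps the Workflows connection limited to what the flows actually do.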
