This is an Early AccessEarly Access (EA) features are opt-in features that you can try out in your org by asking Okta Support to enable them. Additionally, the Features page in the Okta Admin Console (Settings > Features) allows Super Admins to enable and disable some EA features themselves. feature. To enable it, please contact Okta Support.
Okta Automations enable you to quickly prepare and respond to situations that occur during the lifecycle of end usersIn Okta literature, we generally refer to "end users" as the people who have their own Okta home page (My Applications), using chiclets to authenticate into all of their apps. End users do not have any administrative control. When we refer to "users" we are generally referring to the individual(s) who have administrative control. who are assigned to an Okta group. This helps improve efficiency and satisfaction among employees, partners, and contingent workforce. For example, automation can help for inactivity lockouts. If a user has been inactive for a set number of days and is on the verge of being locked out, you can use an automation to alert the inactive user in advance.
You set up an automation by defining the following items:
- Conditions — The criteria that triggers Okta to perform actions upon a group of end users. For each automation, you can choose one condition to apply to one or more groupsGroups allow you to organize your end users and the apps they can access. Assigning apps to large sets of end users is made easier with groups.. Conditions can be scheduled to run once or to recur daily.
The following conditions are currently available:
- User inactivity
- User password expiration
These conditions are triggered according to a schedule, and can applied to one or more groups. Conditions are mandatory for automations on recurring schedules.
- Actions — The actions you want Okta to perform when the scheduled conditions are true. The following actions are currently available:
- Send email to the user
- Change user lifecycle state in Okta
- Select Workflow > Automation in the Okta console.
- Select the Automations tab, and click Add Automation.
- Enter a name for the automation and Save. Screenshot
- Configure the following conditions.
Click the Edit button to select the schedule for the automation, and Save. The default selection is set to Run Daily, with a creation time stamp of the local timezone. The following options are currently available. Screenshot
Specify the time and time zone for when the automation should run. Screenshot
Specify the date, time, and timezone for when the automation should run. Screenshot
Click the Edit button to select one or more groups to which the automation should apply, and Save. Screenshot
- Configure a condition based on user state, attributes, or behavior.
Click the Add Condition button and select one of the following currently available conditions.User inactivity
This option looks for end users in one of the Active states, who have been inactiveUsers are inactive when they have never logged in for a set number of days. For more information about the status of user accounts, see End user account states. Screenshot
- Configure one or more actions to be triggered by the conditions you set. Each action is executed independently from the other actions and do not run in any particular sequence. All actions are run once all conditions are met.
The following actions are currently available:Send email
This option enables you to create an email template by using HTML and referencing Okta end user profile attributes within the body of the message. The Subject is required before you can Preview and Save the action. Screenshots
- Select Activate from the Inactive/Active drop-down.
The Activate option becomes available once you configure all the required conditions and at least one action.
Once an automation is moved to the Active status, it is executed according to the schedule settings configured for that automation.
Note that to reconfigure your automation you must deactivate it.