Data deletion for Workflows

Data privacy is important to Okta, and it aligns with the company's core values.

 

The following user and organization data can be removed from Okta Workflows by following standard Okta processes.

Users

The following categories of user data are deleted:

Category

Description

Usernames and passwords

Any credentials that are entered by the user to create a connection with a third-party system, whether the user owns those credentials or not. For example, a username and password that are entered by a user to access a service account. Any Flows that use those credentials will need re-authentication.

Tokens and keys

Any access tokens for a third-party system.

Session data

All user session data.

Personally Identifiable Information

All Personally Identifiable Information related to a user is obfuscated, including any name or email data that is received during the Single Sign-On process.

 

Info

Note

If a Flow is created by a user, then it will not be deleted through the same Okta standard process for user or organization data. This is especially important for Flows that are critical to business. Instead, you can delete a Flow manually in the Workflows interface.

Organizations

The following categories of data are removed from the platform:

Category

Description

Users

All user data. See Users.

Flows and Flow configurations

All Flows and Flow configurations.

Files

Any reference to a file that is uploaded, downloaded, or transferred using the platform.

Folders

All folder names and descriptions that are entered by a user are obfuscated.

Organization data

Any data that is related to an organization (for example, Name, Email, or Namespace) is obfuscated.

Tables

Any information that is stored in the platform's Tables feature.

Flow history

Any information that an organization chooses to retain using the Save all data that passes through this Flow feature. Data is deleted automatically after the Okta retention policy of 30 days expires.

 

Common scenarios for deletion of data

Scenario

Action

Additional Information

My company no longer uses any Okta products, and we want our data to be deleted from Okta Workflows.

None.

Data in Workflows is deleted within 60 days of the date of an organization's last contract expiration, per Okta policy.

The removal of the data is irreversible.

My orgThe Okta container that represents a real-world organization. is on an EMEA cell and no longer uses Workflows. We want all of our data in Workflows to be deleted.

To trigger this process, create a support request on support.okta.com.

The removal of the data is irreversible.

A Workflows user in my company has left, and we want to remove their access to Workflows.

Remove the user's access to Okta.

A user's access to Workflows is dependent on their status as an active Super AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. in an org. When a user can no longer access Okta, they will not be able to access the Workflows platform.

The deletion process is irreversible.

A Workflows user in my company has left, and we want to remove any connections to Okta or third-party applications that they created.

Manage and delete connections in the Settings > Connections page.

If a connection that is being used in a live Flow is deleted, then the Flow will fail. It is recommended to use service accounts to avoid this scenario.

A Workflows user wants to have all their Okta data deleted.

Start the process by completing this form.

User information cannot be managed through the Workflows console. But alternative processes are available.

See Also

Prepare your organization for GDPR

Okta's Privacy Policy

Top