Connect Okta Workflows with ISPM

Use Identity Security Posture Management (ISPM) event hooks to trigger automated workflows in Okta based on ISPM issue detections. As a super or workflows admin, connecting ISPM with Okta Workflows is a two-part process:

  1. Set up a flow in Okta Workflows

  2. Configure outbound integrations in the ISPM console

Set up Okta Workflows

Set up Okta Workflows by importing the ISPM template or creating an API Endpoint card.

Import the ISPM template

  1. Go to the Templates page.

  2. Search for ISPM and select Identity Security Posture Management from the results.

  3. Add the template.

  4. Go to each helper flow and connect the relevant environments.

  5. Turn on all helper flows.

  6. Go to the ISPM Event Routing Flow.

  7. Click </> on the API Endpoint event card to go to endpoint settings.

  8. Copy the following values and store them securely. You need these values later for the ISPM event hook configuration.

    • Invoke URL: Copy the URL up to the /invoke segment based on this sample URL: https://YOUR-OKTA-DOMAIN.workflows.okta.com/api/flo/YOUR-WORKFLOW-ID/invoke

      You don't need the ?clientToken=alphanumericvalue segment.

    • Client Token: Copy the value. This token authenticates requests to the workflow.

  9. Click Close.

  10. Turn on the flow.

Create an API Endpoint card

  1. Go to the Flows tab on the Flows page and click + New Flow.

  2. On the first card, click Add event.

  3. From the Built-in triggers section, click API Endpoint.

  4. Select Secure with client token and click Close.

  5. Click Save and enter a flow name and description.

  6. Select the Save all data that passes through the Flow? checkbox.

  7. Click Save. For more information, see API Endpoint.

  8. Click </> on the API Endpoint event card to go to endpoint settings.

  9. Copy the following values and store them securely. You need these values later for the ISPM event hook configuration.

    • Invoke URL: Copy the URL up to the /invoke segment based on this sample URL: https://YOUR-OKTA-DOMAIN.workflows.okta.com/api/flo/YOUR-WORKFLOW-ID/invoke

      You don't need the ?clientToken=alphanumericvalue segment.

    • Client Token: Copy the value. This token authenticates requests to the workflow.

  10. Click Close.

  11. Turn on the flow.

Configure the event hook in ISPM

  1. In the Identity Security Posture Management console, go to Settings > Outbound integrations.

  2. On the Webhook tile, click Connect.

  3. In the Webhook Address (URL) field, enter the modified value of the Invoke URL that you copied from the Workflows console. The URL value that you enter must have the same format as this sample URL: https://YOUR-OKTA-DOMAIN.workflows.okta.com/api/flo/YOUR-WORKFLOW-ID/invoke

  4. In the Configure your API key section, click URL parameters.

  5. Enter clientToken in the Key field.

    You must enter clientToken exactly as written, including the specific capitalization. Any other value causes an error.

  6. Enter the client token value that you copied from Okta Workflows in the Value field.

  7. Click + to confirm the key and value addition.

  8. Click Test Connection to test that ISPM can send a request to your workflow.

  9. Click Save.

  10. Click Automate Webhook.

  11. Enable the Auto-send notifications toggle.

  12. Select the issues that should trigger the event hooks in ISPM.

  13. Click Add automation.
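
The following helper is an added example, not part of the Okta product or its documentation. It splits the URL copied from the API Endpoint card into the Webhook Address and the clientToken value expected by the ISPM form, and masks the token for logging. The host suffix and path pattern are assumptions taken from the sample URL on this page, and the sample URL and token in the code are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs, urlunsplit

# Assumptions taken from the sample URL on this page; adjust for your environment.
_HOST_SUFFIX = ".workflows.okta.com"
_PATH_RE = re.compile(r"^/api/flo/[^/]+/invoke$")

# Constructed sample value, not a real endpoint or token.
SAMPLE_COPIED_URL = (
    "https://example-org.workflows.okta.com/api/flo/abc123/invoke"
    "?clientToken=constructedToken42"
)


def split_invoke_url(copied_url):
    """Return (webhook_address, client_token) for the ISPM Webhook form."""
    parts = urlsplit(copied_url.strip())
    if parts.scheme != "https":
        raise ValueError("Invoke URL must use https")
    host = parts.hostname or ""
    if not host.endswith(_HOST_SUFFIX):
        raise ValueError("host does not match the sample workflows domain")
    if not _PATH_RE.match(parts.path):
        raise ValueError("path must end at the /invoke segment")
    query = parse_qs(parts.query, keep_blank_values=True)
    # The key is case-sensitive: only 'clientToken' is accepted.
    tokens = query.get("clientToken", [])
    if len(tokens) != 1 or not tokens[0]:
        raise ValueError("expected exactly one non-empty clientToken parameter")
    # Rebuild from the parsed host so userinfo, port, query and fragment are dropped.
    webhook_address = urlunsplit(("https", host, parts.path, "", ""))
    return webhook_address, tokens[0]


def redact(url):
    """Mask the clientToken value so the URL can be logged or shared."""
    return re.sub(r"(clientToken=)[^&#]+", r"\1<redacted>", url)


if __name__ == "__main__":
    address, _token = split_invoke_url(SAMPLE_COPIED_URL)
    print("Webhook Address (URL):", address)
    print("Safe to log:", redact(SAMPLE_COPIED_URL))
```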

Related topics

Configure an event hook

Okta Workflows templates for Identity Security Posture Management

Supported detections