Okta Workflows: Version history

Low-latency flows

The Low-latency feature enables Okta Workflows to support time-sensitive flows as well as flows that power inline hooks. Flows that meet certain criteria can now run in a low-latency mode that provides significant improvements in the consistency of flow execution timing. See Low-latency flows.

OKTA-277861

When using the keyboard shortcut to save a new flow, the Save flow dialog appeared each time the shortcut was pressed, rather than only once. Also, if the keyboard shortcut was pressed while the Save flow dialog was displayed, any changes to the name or description weren't saved.

The Save button on a new flow was stuck in a loading state if the user clicked the close icon of the Save flow dialog.

OKTA-549709

Flows could remain showing as "In progress" for the maximum 30 day period.

OKTA-509865

The type names available for the output of Selected Outputs fields didn’t reflect the new user-friendly values available in Connector Builder. See Add selectable outputs to an action card.

OKTA-548681

If there were unsaved changes in the options of a connection card, these changes weren't kept when switching between the Configuration Settings and the Inputs/Outputs preview card windows.

OKTA-552020

If a dynamic list of fields was used in the Dynamic Output Group UI, the Extensible toggle didn't appear. This prevented the extensible fields from appearing in the output area.

OKTA-552146

When using the gear icon to rename a project folder, the dialog didn't save the new name.

OKTA-557034

If a Dynamic Group was specified in a helper flow but no options were provided, the helper flow preview didn't show any updates even after editing the group name or clicking the refresh button.

OKTA-557035

Dynamic output fields failed to load if the selected helper flow called a helper flow which in turn called a third helper flow.

OKTA-557039

If a Dynamic Output Group used a custom display name, the Selected Output field remained in the return card even after the Dynamic Output Group was removed.

OKTA-481683

For connectors created in Connector Builder that use a helper flow as an input, the helper flow didn't log any executions when the card was tested using the Test this card button.

OKTA-563852

Changes made to the Suspicious Activity Reported event card weren't reflected in the same event card used in the Suspicious Activity Reported template. See Suspicious Activity Reported template.

OKTA-509865

The type names available for the output of Selected Outputs fields didn't reflect the new user-friendly values in Connector Builder.

OKTA-549082

Deployed cards didn't show the Click or drop here to create input option. Also the input to output mapping and the group ordering for a deployed card didn't match the order shown on the preview card.

OKTA-552021

If a dynamic input group used a helper flow with an input named extensible, the dynamic group action failed to load.

OKTA-503928

For cards that accept multiple input fields, new entries weren't created with unique field names. This resulted in a Choose a unique name error and prevented the flow from being saved.

OKTA-547809

Adding several conditions in rapid succession on an If/Else If card sometimes resulted in a condition showing that couldn't be edited.

OKTA-554161

Flow cards that return an error as output didn't report the error unless the flow was accessed during the execution of the event.

OKTA-552535

Sometimes an execution was simultaneously presented as both complete and in progress in the Workflow history until it was manually refreshed.

OKTA-555302

Some Workflows Starter users couldn't view the terms of service dialog if they had the zoom level of their resolution set too high.

OKTA-530438

The List Users Assigned to Application card in the Okta connector didn't successfully complete when large payloads were sent through the action.

OKTA-540947

The ServiceNow connector returned an unauthorized request error for some customer authorization credentials.

OKTA-552535

Sometimes an execution was simultaneously presented as both complete and in progress in the Workflow history until it was manually refreshed.

OKTA-555302

Some Workflows Starter users couldn't view the terms of service dialog if they had the zoom level of their resolution set too high.

OKTA-530438

The List Users Assigned to Application card in the Okta connector didn't successfully complete when large payloads were sent through the action.

OKTA-540947

The ServiceNow connector returned an unauthorized request error for some customer authorization credentials.

OKTA-525875

When renaming a folder in the Workflows console, different naming behavior occurred if the user selected the flow and clicked the pencil icon next to the name, or if they clicked the gear icon in the flow.

OKTA-531559

Creating a folder failed with a server error if the folder name was longer than 255 characters.

OKTA-537031

Sometimes testing an unsaved flow that included a helper flow event with a defined input crashed the flow designer.

OKTA-543474

A flow on the Flow Page shows errors when there weren’t any in its flow history.

Google Docs

The Google Docs connector is now available in Workflows with the following action cards:

• Create Document
• Read Document
• Update Document
• Custom API Action

See Google Docs connector.

Miro User Management

The Miro User Management connector is now available in Workflows with the following cards:

• Create User
• Read User
• Update User
• Status Upgrade
• User License Type to Full

See Miro User Management connector.

Miro Administration

The Miro Administration connector is now available in Workflows with the following cards:

• Create Team
• Search Teams
• Get Team Settings
• Add Member to Team
• Update Team Invitation Settings
• Update Team Member Role
• Update Team Discovery Settings
• Update Team Collaboration Settings
• Update Team Sharing Policy Settings
• Update Team Copy Access Settings

See Miro Administration connector.

Recorded Future Identity Intelligence

For the Recorded Future Identity Intelligence connector, the following action cards are now available:

• Get Compromised Customer Identities
• Get Compromised Workforce Identities
• Lookup Compromised Identity Details

See Recorded Future Identity Intelligence connector.

Freshservice

Freshservice updated their API to V2 on November 30, 2022. To maintain functionality for your Freshservice connector, you must replace existing cards with the updated cards.

The following action cards are updated:

• Create Ticket

• Read Ticket

• Update Ticket

• Search Tickets

• Delete Ticket

• Create User

• Read User

• Update User

• Search Users

• Deactivate User

The following event cards are updated:

• Ticket Updated

• New Ticket

See Freshservice connector.

Searchable Flow History

Workflows users can see a list of past executions in the Flow History tab of the Workflows Console, but finding specific executions can be time consuming. To make finding a specific execution easier, Workflows is introducing a new quick search text box and expanding the date filtering capabilities. This allows admins to quickly identify specific executions by performing a full-text search over any data that has passed through the flow and/or constraining executions to a short timeframe. See Check Flow History.

User Notification UI improvements

We have updated the visual design of user notifications.

Dynamic group properties and fields

Workflows admins can now dynamically create a group name and fields. This gives them more control over the end user’s experience and how the group names are displayed. See Add dynamic fields and groups.

Security Solution Pack

Security Solution Pack is now available on the Workflows Console homepage and in Templates search. The Solution Pack contains a carefully curated set of templates to help solve distinct automation challenges.

Edit Properties dialog redesign

The Edit Properties dialog is redesigned for better user experience.

Updated Terms of service for Workflows Starter

A one-time disclaimer about revised terms of service is displayed to orgs on the Workflows Starter Plan.

Folder deletion enhancement

Folder deletion now supports deleting folders with inactive flows and tables.

OKTA-484456

Unexpected cards were created when an admin clicked a loading card multiple times.

OKTA-490363

The Choose Table pop-up had an incorrect title.

OKTA-534032

Some icons weren’t displayed properly in Solution Pack.

OKTA-536724

When the Searchable Flow History feature was enabled, Flow History didn’t filter results correctly if the end time was set to midnight.

Indicator for manually triggered flows (Early Access)

A loading indicator is now displayed for manually triggered flows. The indicator helps admins know that their flows were successfully triggered.

OKTA-475136

Flow Builder fields failed to render when the spelling or case didn’t match the field name.

OKTA-503448

Flows weren't properly validated when non-list object data types were used as list input.

OKTA-523362

Flow exports failed when folders were used as an input field.

OKTA-523374

In scheduled flows, the between ranges were calculated after admins clicked Save.

OKTA-507905

The Wait For function incorrectly allowed admins to set the wait time longer than 30 days.

OKTA-471074

The Find last card didn’t correctly calculate character lengths when the text contained special characters.

OKTA-509331

On the Difference card, the millisecond difference between two Date Now cards was calculated incorrectly.

OKTA-515104

Saving an authentication bottom sheet with the option Select Auth Type returned an error.

OKTA-518597

An invalid flow in Flo Designer could be successfully saved.

OKTA-530390

The Clear Empty card didn’t clear empty keys of type: date.

OKTA-514841

In Connector Builder, the User Documentation URL and Support Email Address fields weren't checked for their validity.

OKTA-515512

Dynamic drop-down menus didn’t refresh the mappings when a helper flow was selected.

OKTA-529347

Internal table column names were displayed in the UI when admins used the Tables function.

OKTA-530839

The Read Computer Group card for the JAMF Pro Classic API Connector failed with a 404 error.

Office 365 Solution Packs

The IT Operations and Seamless Office 365 Integration Solution Packs are now discoverable on the Workflows Console homepage and in Templates search. Each Solution Pack contains a carefully curated set of templates to help solve distinct automation challenges.

Searchable Flow History (Early Access)

Workflows users can see a list of past executions in the Flow History tab of the Workflows Console, but finding specific executions can be time consuming. To make finding a specific execution easier, Workflows is introducing a new quick search text box and expanding the date filtering capabilities. This allows admins to quickly identify specific executions by performing a full-text search over any data that has passed through the flow and/or constraining executions to a short timeframe. See Check Flow History.

OKTA-522559

Switching between contexts in the Card Creator panel sometimes caused the panel to close.

OKTA-522554

UI elements in Flow Builder didn’t align properly.

OKTA-516576

Items in the event selection window were incorrectly aligned.

OKTA-518284

Sometimes, the templates catalog search bar didn't trigger a search.

OKTA-518285

Clearing all search filters in the template catalog didn't clear the text search.

OKTA-519404

Test connections couldn’t be viewed or created in the Connections tab or on action cards.

OKTA-493658

If an executed flow didn't contain data, the Close and go back link in its Flow History dialog didn't lead to the expected interface.

OKTA-503645

Even when cleared by a user, an input field on an action card passed data (such as zero for a number-type field) to the connector’s third-party service.

OKTA-507787

The Preview Card dialog didn’t display card details properly if a connection was not already selected.

OKTA-512229

In the Options, Inputs, or Outputs dialogs, validation markers didn’t appear when group or field names were re-edited or invalid names were added.

OKTA-512214

In the templates catalog, if a template contained only helper flows, preview screenshots didn’t appear properly in full view mode.

OKTA-512234

In the templates catalog, for templates that contain multiple flows, full view mode didn’t consistently display the selected preview image.

OKTA-512303

After full view mode was exited, the templates catalog displayed unexpected scrolling behavior.

OKTA-521959H

The XML Build card returned incorrect results in Preview environments.

OKTA-501930

On the Activate User action card for the Okta connector, when the Send Email? option was set to No, the type for the Url output field was changed to Number (instead of Text). This caused any flow that contains the card to fail if the Url output value was mapped to other fields. See Activate User.

OKTA-501951

On the Read User action card for the Okta connector, the Credentials - Emails output field was not populated with any data. See Read User.

OKTA-502931

For the SendGrid connector, the Send Email action card returned an error when the From field was populated with an email address of a verified sender. See Send Email.

OKTA-351973

In the Authentication dialog, when OAuth 2.0 was selected as the authentication type, a change to the selected option in the Client Ownership dropdown field was not displayed.

OKTA-505216

A test deployment of a connector didn’t execute authping or revoke flows.

OKTA-498102

The Read Issue action card of the Jira connector returned values that weren’t mapped correctly.

OKTA-505057

The dynamically generated input and output fields of some Smartsheet connector cards weren't displayed.

OKTA-472594

On the Inputs and Outputs dialogs, strings in the Group Name field weren’t validated.

OKTA-477744

A connection for a test deployment instead of a local deployment was unexpectedly used by locally deployed cards in a project flow.

OKTA-479715

In Connector Builder, the display for the number of flows wasn’t refreshed when a flow in a project was deleted.

OKTA-507743

For connectors that are built with Connector Builder and use OAuth 2.0 authentication, access tokens expired unexpectedly.

OKTA-489670

The Office 365 Mail authorization page was missing information about how to create a connection with a regular Office 365 account.

OKTA-501083

Third-party connector test versions were sometimes available in production orgs.

OKTA-503757

For the Tables in the Search Rows function card, a null value was returned when no search results were found.

OKTA-504021

In the Workflows app catalog, names for connectors didn’t render properly.

OKTA-485614

The Authentication dialog didn't display a validation icon and tooltip for auto-generated Config Values.

OKTA-501072

Connectors developed by customers and deployed by Okta weren't displayed properly in Workflows Designer when the local test connector and deployed connector had the same version.

OKTA-499453

Sometimes the Okta connector experienced a connection failure.

OKTA-500375

For the Okta connector, the Update Group card returned a 400 Bad Request error when the Description input field wasn't selected.

OKTA-498150

Sometimes when a connector was already available in production and a new version was submitted, a local deployment mistakenly occurred in both the connector builder’s local environment and other instances of Workflows.

OKTA-499889

Dynamic options fields didn't load the dropdown values on event or action cards.

OKTA-479605

For the Tables - Search Rows function card, the Row ID, Created, and Updated output fields were displayed even when they weren't selected as outputs in the Select fields and click “Save” dialog.

Secure Code Warrior

An Instance Region parameter is now available in the Secure Code Warrior connector’s authentication dialog. The enhancement allows users to specify a value for a data location.

See Secure Code Warrior.

Smartsheet connector

For the Smartsheet connector, the following action cards are now available:

• Add User to Group

• Add User to Organization

• List Group

• Read Group

• Read User

• Remove User from Group

• Remove User from Organization

• Search Users

• Update User

See Smartsheet connector.

OKTA-486100

For Google Workspace User cards, the Organization Path appeared incorrectly.

OKTA-491249

On the Get Users Groups action card for the Okta connector, some fields appeared incorrectly.

OKTA-496577

The Office 365 Mail Get Message card input and output fields are reformatted with no impact to performance.

Additional context-sensitive help links

Contextual help documentation is now available for the following features:

• Extensible inputs

• Test flows

• Dynamic fields

• Outputs

• Config values

OKTA-483348

For a connector whose authentication settings contained an access token, testing an authping or httphelper flow resulted in an error.

OKTA-492983

For some Workflows environments, the name of an org didn’t appear properly in the header pane.

OKTA-446171

The Add app action and Add function dialogs inside an Error Handling - If Error function card didn't render properly.

OKTA-481743

For the URL - Parse function card, a UTF-8 encoded input value with invalid characters didn’t produce an error message nor return any output values.

OKTA-488501

For a throttled flow, the delay icon didn’t render properly in the Flow History pane if it also displayed a long status message.

OKTA-492153

In list view on the Flows page, data in the History column was garbled.

New deployment validation messages

In Connector Builder, deployment validation messages for the following scenarios are now available:

• An action flow is removed.

• Static or dynamic input fields are removed from an action card.

• Static or dynamic output fields are removed from an action card.

Field preview for action cards

While adding options or fields to an action card in Connector Builder, users can now preview the fields of the card before it is deployed.

Connector Builder button

The Connector Builder button replaces the Connectors navigation item and now opens Connector Builder in a new tab.

Third-party contact fields in the connector's profile

The User Documentation URL field for a link to externally hosted documentation and the Support Email Address field for third-party contact information are now available in the connector’s Settings dialog.

OKTA-467156

For dynamically generally input fields, fields of the type option didn’t render properly.

OKTA-477034

In the Test Connection dialog, the selection of a test connection wasn’t retained from previous tests for an action flow.

OKTA-489625

A message indicating that a connector passed validation for deployment didn’t appear properly.

Execution limits for flows

The Workflows platform now includes execution limits on flows. Flow throttling is a Workflows feature that automatically detects, limits, and notifies users when specific flows consume excessive resources during a defined window of time. Flow throttling doesn't impact or prevent the completion of a flow.

See Execution limits.

Okta connector

For the Okta connector, the following event cards are now available:

• Device Activated
• Device Added to User
• Device Deactivated
• Device Deleted
• Device Enrolled
• Device Suspended
• Device Unsuspended

See Okta connector.

OKTA-448687

On the Send Email action card for the SendGrid connector, the Attachments field disappeared under the conditions in this sequential order:

1. The Attachments field contained an object.

2. The Choose fields dialog was opened and closed.

OKTA-467169

For dynamically generated fields, available field types weren't displayed.

OKTA-481450

For an action flow that invoked an inactive helper flow, the link to the flow in the connector Validation dialog didn’t lead back to the flow editor.

Office 365 Mail

For Office 365 Mail connector, the Get Message action card now includes mail options for users to access a shared or delegated email account and updated input and output fields. See Get Message.

For the Office 365 Mail connector, the following action cards are now available:

• Download Message Attachment

• Search Emails

See Office 365 Mail connector.

Google Workspace

For the Google Workspace connector, the Search Users action card now includes streaming. See Search Users.

Connector Fixes

OKTA-352387

In the Basic authentication dialog, if username or password was added as a value in the Key field, the parameter was added unexpectedly to the Credentials section and became uneditable.

OKTA-467587

The use of ? and & characters in field labels caused an unexpected validation error.

OKTA-480684

In the OAuth authentication dialog, the values in the Key field for Client ID and Client Secret were editable and deletable.

OKTA-481366

In any authentication dialog, if access_token or refresh_token was added to the Key field for a parameter, the parameter row disappeared.

OKTA-391123

A connection for a deployed connector that was created in Connector Builder using OAuth authentication wasn't refreshed when its access token expired.

OKTA-472777

In the Config Values section of the Authentication dialog, an expected validation error didn’t occur when the Value from Helper Flow option was selected but a helper flow wasn’t specified.

OKTA-478212

In the Authentication dialog, the key for a config value wasn’t generated automatically if the Label field contained special characters only.

OKTA-460727

For the Tables function, an error was returned if the Search Rows card was included in a flow that ran every five minutes, or if the Table ID field contained an invalid value.

OKTA-463583

Using the Download in SVG format button to download a flow chart resulted in an error.

OKTA-467211

In the Workflows interface, the loading icon wasn’t visible.

OKTA-478578

For the GitHub connector, the Update File Content action card returned an error when the target file exceeded 1MB in size.

Jamf Pro Classic API

For the Jamf connector, the following action cards are now available:

• Add Computer to Static Computer Group

• Add Mobile Device to Static Mobile Device Group

• Create Static Computer Group

• Create Static Mobile Device Group

• Delete Computer Group

• Delete Mobile Device Group

• Read Computer Group

• Remove Computer from Static Computer Group

• Remove Mobile Device from Static Mobile Device Group

See Jamf Pro Classic API connector.

Office 365 Admin

For the Office 365 Admin connector, the following action cards are now available:

• Assign Manager

• Create Contact

• List Contact Folders

• Read User Manager

• Revoke User Sign In Sessions

• Search Contacts

See Office 365 Admin connector.

Atlassian Admin

For the Atlassian Admin connector, a Jira Account ID output field is now available on the following cards:

• Create User

• Get User

• Search Users

See Atlassian Admin connector.

AWS S3

For the AWS S3 connector, the following action cards are now available:

• Copy Object

• Custom API Action

• Search Buckets

• Search Objects

• Tag Object

See AWS S3 connector.

Okta

For the Okta connector, the following event and action cards are now available:

• Search System Logs (action)

• User Account Locked

• User Account Unlocked

See Okta connector.

AWS S3

The AWS S3 connector is now available with the following action cards:

• Create Bucket

• Delete Bucket

• Delete Object

• Download Object

• Read Object

• Read Object Tags

See AWS S3 connector.

Secure Code Warrior

The Secure Code Warrior connector is now available with the following action cards:

• Check Assessment Completion for User

• Check Course Completion for User

• Custom API Action

• Get Assessment Attempts for User

• List Course Enrollments for User

See Secure Code Warrior.

Gmail

For the Gmail connector, several enhancements are now available in action cards:

• The Google Cloud Platform Project and Service Account dropdown fields now list a maximum of 100 options.

• The Enter Service Account Email option is now available on the Google Cloud Platform Project and Service Account dropdown fields.

• If options on the Google Cloud Platform Project or the Service Account dropdown fields fail to load, the Enter Service Account Email option will appear as the only available option.

• When Enter Service Account Email is selected from the Service Account dropdown field, an additional Email input field in the Service Account section of the card appears.

These enhancements are available on the following cards:

• Add Delegate

• Add Send-As Alias

• Delete Delegate

• Delete Send-As Alias

• Forward Emails

• List Delegates

• Set Auto Reply

• Update User Gmail Settings

See Gmail connector.

Slack

For the Slack connector, several enhancements are now available in event and action cards:

• A maximum of 200 public and 200 private channels (as applicable on some cards) now appear in the Channel dropdown field.

• For action cards, when a failure occurs and no channels are listed in the Channel dropdown field, an Enter Channel ID option appears.

These enhancements are available on the following cards:

• Archive Channel

• Get Users in Channel

• Invite User to Channel

• Join Channel

• Leave Channel

• New Message in Channel (event)

• New Message in Private Channel (event)

• New Pinned Message (event)

• Read Message History

• Remove User from Channel

• Rename Channel

• Send Ephemeral Message

• Send File to Channel

• Send Message to Channel

See Slack connector.

Zendesk

For the Zendeskconnector, retries for error handling are no longer available on the following event cards:

• New Comment on Ticket

• New Ticket

• Updated Organization

• Updated Ticket

See Zendesk connector.

Microsoft Teams

For the Microsoft Teams connector, the following action cards are now available:

• Create Chat

• Search Channels

• Search Chats

• Send Message to Channel

• Send Message in Chat

For the Create Channel card, the Members field has been replaced with the User IDs field.

The following scopes are now available:

• Channel.Create

• ChannelSettings.ReadWrite.All

• ChannelMessage.Send

• Chat.ReadWrite

See Microsoft Teams connector.

Office 365 Calendar

The Office 365 Calendar connector is now available with the following action cards:

• Create Event

• Custom API Action

• Delete Event

• List Calendars

• Read Event

• Search Events

• Search Rooms

• Update Event

See Office 365 Calendar connector.

Office 365 Mail

For the Office 365 Mail connector, the Custom API Action card and the following scopes are now available:

• Mail.ReadWrite

• Mail.Send

• Mail.Send.Shared

• Mail.ReadWrite.Shared

• offline_access

See Office 365 Mail connector.

OneDrive

The OneDrive connector is now available with the following event and action cards:

• Create Folder

• Create Organization Sharing Link

• Create Recipients Sharing Link

• Custom API Action

• Delete Permission

• Download File

• File or Folder Updated (event)

• List Permissions

• Move File or Folder

• Read File or Folder

• Search Files or Folders

• Upload File

See OneDrive connector.

Secure Code Warrior

The Secure Code Warrior connector is now available with the following action cards:

• Check Assessment Completion for User

• Check Course Completion for User

• Custom API Action

• Get Assessment Attempts for User

• List Course Enrollments for User

See Secure Code Warrior.

HubSpot CRM

For the HubSpot CRM connector, the contacts scope has been deprecated. The following scopes are now available:

• crm.objects.contacts.write
• crm.objects.contacts.read
• crm.objects.companies.write
• crm.objects.companies.write

To ensure that these granular scopes are granted to your HubSpot CRM application, reauthenticate your HubSpot CRM connections by February 28, 2022.

See Authorization

Box

For the Box connector, the following event cards are now available:

• Collaboration Created

• File Moved

• File Uploaded

• Folder Created

• Shared Link Created

• Shared Link Updated

See Box connector.

Google Drive

For the Google Drive connector, the File Content ID field was renamed as File Content on the following action cards:

• Download File

• Update File

• Upload File

Asana

For the Asana connector, the Add Task action card is now available. See Add Task.

Gmail

For the Gmail connector, the following action cards are now available:

• Add Send-As Alias

• Delete Delegate

• Delete Send-As Alias

• List Delegates

See Gmail connector.

Google Workspace Admin

For the Google Workspace Admin connector, the following action cards are now available:

• Sign Out User

• Turn Off MFA

See Google Workspace Admin connector.

Jamf Pro Classic API

For the Jamf Pro Classic API connector, a connection now requires access to the /JSSResource/distributionpoints endpoint.

See Authorization.

Microsoft Teams

For the Microsoft Teams connector, the following action cards are now available:

• Add Member to Channel

• Create Channel

• List Channel Members

• Read Channel

• Remove Member from Channel

See Microsoft Teams connector.

Okta (Hotfix)

For the Okta connector, the following event and action cards are now available:

• Access Certification Decision Submitted (event)

• Assign Group to Application

• List Applications Assigned to Group

• List Applications Assigned to User

• List Groups Assigned to Application

• Read Application

• Read Assigned Group for Application

• Remove Group from Application

• Reset Password

• Search Applications

For the Okta connector, enhanced search and data streaming options are now available on the following action cards:

• Find Users

• Get Users Groups

• List Group Members

• List Users Assigned to Application

• List Users with Filter

• List Users with Search

• Search Groups

• Search Group Rules

See Okta connector.

Salesforce

For the Salesforce connector, the following action cards are now available:

• Download Attachment

• Download Document

• Download Document using Content Document Id

See Salesforce connector.

Jamf Pro Classic API

For the Jamf Pro Classic API connector, a connection now requires access to the /JSSResource/distributionpoints endpoint. See Authorization.

See Box connector.

Dropbox for Business

For the Dropbox for Business connector, an active access token is now revoked if a connection to Box is deleted in Workflows.

Okta

On all event cards for the Okta connector, the Full Details output field is no longer available in Production.

For the Okta connector, the following action cards are now available in Production:

• Activate Group Rule

• Create Group

• Create Group Rule

• Deactivate Group Rule

• Delete Group

• Delete Group Rule

• Read Group Rule

• Update Group

• Update Group Rule

See Okta connector.

Jamf

The Jamf connector is now available with the following action cards:

• Add User to Static User Group

• Create Department

• Create Static User Group

• Create User

• Custom API Action

• Delete User

• Delete User Group

• Read Computer

• Read Department

• Read Mobile Device

• Read Mobile Device Group

• Read User

• Read User Group

• Remove User from Static User Group

• Send Computer MDM Command

• Send Mobile Device MDM Command

• Update User

See Jamf Pro Classic API connector.

Microsoft Teams

The Microsoft Teams connector is now available with the following action cards:

• Add Member

• Create Team from Group

• Custom API Action

• List Members

• Read Team

• Remove Member

• Search Teams

The Search Teams action card supports streaming.

See Microsoft Teams connector.

Box

For the Box connector, an active access token is now revoked if a connection to Box is deleted in Workflows.

See Authorization.

For the Box connector, the Address and Phone Number output fields have been added to the following action cards:

• Get User

• Search Users

See Box connector.

PagerDuty

For the PagerDuty connector, the following action cards are now available in Preview:

• Add User to Team

• Build Restriction Object

• Build Schedule Layer

• Build User Object

• List Team Members

• Read Schedule

• Read Users on Call

• Remove User from Team

• Search Schedules

• Search Teams

• Update Schedule

The Search Schedules and Search Teams action cards support streaming.

See PagerDuty connector.

Office 365 Admin

For the Office 365 Admin connector, the following action cards are now available in Preview and Production:

• Assign Role to User

• Read Directory Roles

• Read User Roles

• Search Group Members

• Unassign Role from User

See Office 365 Admin connector.

For the Office 365 Admin connector, the following input fields are no longer available in Preview and Production:

• The Created Date Time field in the Search Users action card. See Search Users.

• The Renewed Date Time field in the Search Groups card. See Search Groups.

Okta

On all event cards for the Okta connector, the Full Details output field is no longer available in Preview.

For the Okta connector, the following action cards are now available in Preview:

• Activate Group Rule

• Create Group

• Create Group Rule

• Deactivate Group Rule

• Delete Group

• Delete Group Rule

• Read Group Rule

• Update Group

• Update Group Rule

See Okta connector.

Opsgenie

The Opsgenie connector is now available with the following action cards:

• Add Team Member

• Build Participant Object

• Build Time Restriction Object

• Create Schedule

• Create Schedule Rotation

• Create Team

• Create User

• Custom API Action

• Delete Schedule

• Delete Schedule Rotation

• Delete Team

• Delete User

• List Teams

• Read On-Call Participants

• Read Schedule

• Read Schedule Rotation

• Read Team

• Read User

• Remove Team Member

• Search Users

• Update Schedule Rotation

• Update User

The Search Users action card supports streaming.

See Opsgenie connector.

Google Calendar

For the Google Calendar connector, the Custom API Action card is now available.

See Custom API Action.

Google Cloud Functions

For the Google Cloud Functions connector, the Custom API Action card is now available.

See Custom API Action.

Google Drive

For the Google Drive connector, the Custom API Action card is now available.

See Custom API Action.

Google Sheets

For the Google Sheets connector, the Custom API Action card is now available.

See Custom API Action.

Google Workspace Admin

For the Google Workspace Admin connector, the Custom API Action card is now available.

See Custom API Action.

Gmail

For the Gmail connector, the Custom API Action card is now available.

See Custom API Action.

Zendesk

For the Zendesk connector, the following action cards are now available:

• Read Organization

• Search Organizations

• Update Organization

See Zendesk connector.

Okta

For the Okta connector, streaming is now available in Preview and Production for the following action cards:

• Find Users

• List Users with Filter

• List Users with Search

Instead of producing a list of search results, streaming allows Workflows admins to circumvent limits on the number of records that be produced in a search and pass those results to a child flow.

See Okta connector.

Evident ID

For the Evident ID connector, both demo (sandbox) and production accounts are now supported. See Authorization.

Slack

For the Slack connector, the following event and action cards are now available:

• Get Users in Channel

• New Channel Created (event)

• Remove User from Channel

• Rename Channel

• Send Ephemeral Message

• Send File to Channel

• Send File to User

The following action cards now support block type messages through the Message Type drop-down option:

• Send Direct Message

• Send Message to Channel

The following action cards now return a maximum of 100 public channels and 100 private channels:

• Archive Channel

• Join Channel

• Leave Channel

• Read Message History

The Slash Command action card now supports signing Slack API requests through the Use Signing Key drop-down option.

The Invite User to Channel action card now supports inviting users by username or by user ID through the Field Type drop-down option.

The Search Channel action card now includes the Is Private? and Purpose output fields.

To use the new Slack action cards, you must re-authenticate your existing connection or create a new connection to Slack, as the cards require the new scope files:write.

See Slack connector.

Dropbox for Business

For the Dropbox for Business connector, the following action cards are now available:

• Download File

• Search Files or Folders

• Upload File

Note: You must re-authenticate your existing connection or create a new connection to Dropbox for Business to use the new cards, as they require the following new scopes:

• files.metadata.read

• files.content.read

• files.content.write

• team_data.member

See Dropbox for Business connector.

Freshservice

The Freshservice connector is now available with the following action and event cards:

• Create Ticket

• Delete Ticket

• New Ticket (event)

• Read Ticket

• Search Tickets

• Search Users

• Ticket Updated (event)

• Update Ticket

The Search Tickets and Search Users action cards support streaming.

See Freshservice connector.

Box

For the Box connector, the following action cards are now available:

• Download File

• Upload File

See Box connector.

Google Drive

For the Google Drive connector, the Download File action card is now available.

See Google Drive connector.

Office 365 Admin

For the Office 365 Admin connector, unsupported input fields have been removed from the following action cards:

• Search Groups

• Search Users

• Update User

See Office 365 Admin connector.

Freshservice

The Freshservice connector is now available with the following action cards:

• Create User

• Custom API Action

• Deactivate User

• Read User

• Update User

See Freshservice connector.

SendGrid

For the SendGrid connector, the Send Email action card is now available.

See SendGrid connector.

Zoom

For the Zoom connector, several enhancements are now available:

• The Delete User card now supports the disassociating of users and the transfer of assets. Admins can disassociate a user from a paid plan and allow the transfer of recordings, meetings, and webinars to another user. See Delete User.

• The Custom API Action card now allows admins to select the Zoom API or SCIM API. See Custom API Action.

• The users/user:write:admin scope enables the Delete User and Custom API Action cards to call the Zoom API to perform the disassociate and transfer use cases.

Okta

For the Okta connector, updated descriptions for event cards are now available in the Workflows interface in Preview environments.

Google Drive

For the Google Drive connector, support for shared drives is available for the following action cards:

• Copy File

• Create Folder

• Create Permission

• Update File Info

• Update File Permission

• Update Folder Info

See Google Drive connector.

Google Calendar

For the Google Calendar connector, the following action cards are now available:

• Add User To Calendar

• Remove User From Calendar

• Search Rooms

See Google Calendar connector.

Google Workspace

For the Google Workspace Admin connector, the Create User card is now updated. The Is Admin? and Is Delegated Admin? boolean input fields are no longer available when the action card is added to new or existing flows. Where the Create User action card is already part of an existing flow, the input fields will remain.

For the Google Workspace Admin connector, the section header for the Status Code output field has been updated from Response to Result for the following action cards:

• Activate User

• Add Address to User

• Add Email to User

• Add External ID to User

• Add Relation to User

• Add User to Group

• Assign License to User

• Deactivate User

• Delete User

• Delete User Access Token

• Delete User Alias

• Delete User ASP

• Delete User Device

• Invalidate User Verification Code

• Make User Admin

• Perform Device Action

• Remove User from Group

• Unassign License from User

• Update User

See Google Workspace Admin connector.

Jira

For the Jira connector, the Update Issue card now returns an error message if a custom field is used that is not already configured for the Jira issue type.

See Jira connector.

Enhancements to the Add app action menu for API Connector

The Add app action menu for API Connector cards has been enhanced for better usability.

Character limits for folder names on the Home page

The character limit has been removed for folder names displayed above a flow list on the Workflows home page.

Updated descriptions for ServiceNow cards in the Workflows interface

For the ServiceNow connector, updated descriptions and improved search results for event and action cards are now available in the Workflows interface.

OKTA-379325

Flow executions didn't run on the defined monthly cadence if they were set up with the Flow Schedule dialog.

OKTA-392558

When a card was added to two different stages of a flow, two instances of the Add app action menu appeared in Workflows designer simultaneously.

OKTA-393889

For OAuth connectors, file upload and download cards and their attachments received a 400 status code (Unknown Error) if they entered OAuth refresh.

OKTA-396050

For the OneTrust connector, an ambiguous error message was returned when invalid credentials were used for a connection.

OKTA-397144

The following function cards which were not intended for general availability were accessible in Workflows environments:

• CSV - Decode

• CSV - Encode

• List - Map

Connector Updates

New Object functions added

The following new Object function cards have been added for Workflows environments created through Okta:

• Collapse: Collapse a list of objects with key and value properties into a single object, removing duplicates.

• Split: Split an object into a list of objects, each with key and value properties.

See Functions in Workflows.

Shopify

The Shopify connector is now available with the following action cards:

• Add Address to Customer

• Create Customer

• Custom API Action

• Read Customer

• Search Customers

• Update Customer

See Shopify connector.

Slack

For the Slack connector, support for a channel name input is now available. The Channel ID or Name and Channel Type input fields are now available on the Send Message to Channel action card. See Send Message to Channel.

HubSpot CRM

The HubSpot CRM connector is now available with the following action cards:

• Associate Contact with Another Object

• Create Contact

• Custom API Action

• Delete Contact

• Read Company

• Read Contact

• Remove Association between Contact and Another Object

• Search Companies

• Search Contacts

• Update Contact

See HubSpot CRM connector.

AWS SSO

The AWS SSO connector is now available with the following action cards:

• Add AWS Entitlements

• List AWS Entitlements

• List Instances

• Remove All AWS Entitlements

• Remove AWS Entitlements

See AWS Multi-Account Access connector.

SendGrid

The SendGrid connector is now available with the following action cards:

• Add Contact to List

• Create Contact

• Create List

• Create Single Send

• Custom API Action

• Delete Contact

• Read Contact

• Read Contact Job

• Schedule Single Send

• Search Contacts

• Update Contact

See SendGrid connector.

Okta

For the Okta connector, the following event cards are now available:

• Application Activated

• Application Created

• Application Deactivated

• Application Deleted

• Application Updated

• User Password Imported

See Okta connector.

AWS SSO

The AWS SSO connector is now available with the following action cards:

• Add AWS Entitlements

• List AWS Entitlements

• List Instances

• Remove All AWS Entitlements

• Remove AWS Entitlements

See AWS Multi-Account Access connector.

Zendesk

For the Zendesk connector, the following action cards are now available:

• Download Attachment

• Read Ticket Attachments

• Upload Attachment

See Zendesk connector.

Mixpanel

The Mixpanel connector is now available with the following action cards:

• Create Profile

• Create Track Events

• Custom API Action

• Delete Profile

• Read Profile

• Search Profiles

• Search Track Events

• Update Profile

See Mixpanel connector.

GitHub

For the GitHub connector, the Create Pull Request action card is now available. See GitHub connector.

G Suite Admin

Some action cards for the G Suite Admin connector didn’t contain output fields. The following cards have been updated with a Status Code output field:

• Add Address to User

• Add Email to User

• Add External ID to User

• Add Relation To User

• Add User to Group

• Assign License to User

• Create Custom Schema

• Delete User Alias

• Make User Admin

• Remove User from Group

• Unassign License from User

• Update User

See Google Workspace Admin connector

GitHub

For the GitHub connector, the following action cards are now available:

• Create Branch

• Create File Content

• Read Issue

• Read Repository

• Search Branches

• Update File Content

See GitHub connector.

Advanced Server Access

The Advanced Server Access connector is now available with the Create PreAuthorization action card.

See Advanced Server Access connector.

SmartRecruiters

The SmartRecruiters connector is now available with the following Action cards:

• Add User to Group

• Create User

• Custom API Action

• Deactivate User

• Read User

• Remove User from Group

• Search Groups

• Search Users

• Update User

See SmartRecruiters connector.

Excel Online

The custom revocation of access tokens for the Excel Online connector is now available. An alert message appears if you try to revoke a token from a connector that doesn't support revocation.

For the Excel Online connector, the Read Worksheet Info action card is now available.

For the Excel Online connector, the following updates are now available:

• The Search Rows by Column action card has a Row ID output field.

• The Read All Rows action card can read up to 500,000 rows.

See Excel Online connector.

PagerDuty

For the PagerDuty connector, the Search User action card now supports pagination.

Salesforce

For the Salesforce connector, the following Action cards are now available:

• Get All Permission Set Licenses

• List User Permission Assignments

• Remove User Entitlements

See Salesforce connector.

Asana

For the Asana connector, the following action cards are now available:

• Add Task

• Create Project

• Read Project

• Read Project Tasks

• Search Projects

• Search Tasks

• Search Teams

See the Asana connector.

GitHub

For the GitHub connector, the following action cards are now available:

• Create Issue

• Read Pull Request

• Update Issue

• Update Pull Request

See the GitHub connector.

Gmail

G Suite email accounts are now required for authorization.

In the Send Email with Attachment action card, the Email - To field is now required, and the Body field must be chosen when including an attachment. See Send Email with Attachment.

The New Email event card now supports pagination. See New Email.

The Update User Gmail Settings action card is now available. See Update User Gmail Settings.

Zendesk

For the Zendesk connector, the Remove User from Organization action card is now available. See Remove User from Organization.

G Suite Admin

Okta is focused on the adoption of inclusive language and communication. Some long-standing industry terminology and expressions have been updated as part of this initiative. In the G Suite Admin connector, whitelist is now referred to as allow list.

GitHub

For the GitHub connector, the Custom API Action card has been updated to handle errors more effectively. Additionally, the following action cards are now available:

• Update User
• Search Users
• Read User
• Search Repositories
• Search Teams
• Search Organization
• Add User to Repository
• Remove User from Repository
• Add User to Team
• Remove User from Team
• Add User to Organization
• Remove User from Organization

See the GitHub connector.

Okta

The Update User card now includes an option to choose whether to pass empty values. See Update User.

Salesforce

For the Salesforce connector, the Search Permission Set Groups action card is now available. The Create User and Update User cards have been updated to support the new card.

See Salesforce connector.

Zendesk

For the Zendesk connector, the following Action cards are now available:

• Delete User
• Add User to Group
• Remove User from Group
• Search Groups
• List Group Members
• Read Group

See Zendesk connector.

Zoom

For the Zoom connector, the following Action cards are now available:

• Add User to Group
• Remove User from Group
• List Group Members
• Search Groups

See Zoom connector.

Okta

For the Okta connector, the Full Details output field in all event cards has been replaced with the following fields:

• Event Details
• Headers
• Source
• Debug Data

If you are using the Full Details output field in your flows, we recommend switching to the new fields.

Docusign

The Docusign connector is now available with the following cards:

• Add Custom Envelope Field
• Add Recipient to Envelope
• Add User to Group
• Create Envelope
• Create User
• Custom API Action
• Delete User
• Download Document in Envelope
• List Groups
• List Users in Group
• Modify Custom Field in Envelope
• Read Envelope
• Read User
• Remove User from Group
• Search Custom Fields in Envelope
• Search Envelope
• Search Users
• Send Envelope
• Update User
• Upload Document to Envelope

See DocuSign connector.

Asana

For Asana connector, the following Action cards are now available:

• Add User to Team
• Add Users to Project
• Create User
• Deactivate User
• List Tasks
• Read User
• Read User Tasks
• Remove User from Team
• Remove Users from Project
• Search User
• Update User

See Asana connector.

OKTA-324907

In some cases, running a Flow threw an incorrect Unexpected Character error.

Proofpoint

The Proofpoint connector is now available with the following cards:

• Custom API Action
• Read Permitted Malicious Links
• Read Delivered Malicious Messages
• Read Compromised User
• New Permitted Malicious Link (Event)

See the connector docs.

G Suite

The following cards are now available for the G Suite connector:

• Search Groups
• List Group Members

GitHub

The GitHub connector is now available with the Custom API Action card. See the connector docs.

Jira Service Desk

1. The New Request, New Request in Queue, Request Updated cards have been updated to fix the following issues:
   • Users couldn’t turn off Flows.
   • Webhooks weren’t deregistered when Flows were stopped.
2. The following cards have updated required input fields:
   • Create Customer: Display Name and Email
   • Remove Customer From Service Desk: Customer IDs
   • Read Organization: Organization ID
   • Delete Organization Property: Organization ID and Property Key