Resource permissions
Early Access release. See Enable self-service features.
This feature is available only on Preview orgs.
The role-based access control (RBAC) feature in Okta Workflows enables you to restrict permissions on resources to specific roles. Unless otherwise noted, resource permissions are managed using the Workflows Console. See Manage Workflows roles.
Only Okta super admins have access to delegated flows and these are assigned and executed using the Okta Admin Console. See Run a delegated flow.
The following tables identify specific resources that each role can access.
Roles
| Permission | Super Administrator | Workflows Administrator | Connection Manager | Workflows Auditor | Unassigned User |
|---|---|---|---|---|---|
| Assign Workflows Administrator (in the Okta Admin Console) |
|
|
|
|
|
| Assign Connection Manager |
|
|
|
|
|
| Assign Workflows Auditor |
|
|
|
|
|
| View role assignments |
|
|
|
|
|
Pages
| Permission | Super Administrator | Workflows Administrator | Connection Manager | Workflows Auditor | Unassigned User |
|---|---|---|---|---|---|
| View Home page |
|
|
|
|
|
| View Flows page |
|
|
|
|
|
| View Connections page |
|
|
|
|
|
| View Templates page |
|
|
|
|
|
| View Settings page |
|
|
|
|
|
Connections
| Permission | Super Administrator | Workflows Administrator | Connection Manager | Workflows Auditor | Unassigned User |
|---|---|---|---|---|---|
| Create global connections |
|
|
|
|
|
| View global connections |
|
|
|
|
|
| View global connections usage |
|
|
|
|
|
| Rename global connections |
|
|
|
|
|
| Reauthorize global connections |
|
|
|
|
|
| Test global connections |
|
|
|
|
|
| Delete global connections |
|
|
|
|
|
Folders
| Permission | Super Administrator | Workflows Administrator | Connection Manager | Workflows Auditor | Unassigned User |
|---|---|---|---|---|---|
| Create root folders |
|
|
|
|
|
| Modify root folders |
|
|
|
|
|
| Delete root folders |
|
|
|
|
|
| Create subfolders |
|
|
|
|
|
| Modify subfolders |
|
|
|
|
|
| Delete subfolders |
|
|
|
|
|
| Export folders |
|
|
|
|
|
| Import folders |
|
|
|
|
|
| Duplicate folders |
|
|
|
|
|
Flows
| Permission | Super Administrator | Workflows Administrator | Connection Manager | Workflows Auditor | Unassigned User |
|---|---|---|---|---|---|
| Create flows |
|
|
|
|
|
| View flows |
|
|
|
|
|
| Execute flows |
|
|
|
|
|
| Activate or deactivate flows |
|
|
|
|
|
| Cancel flows |
|
|
|
|
|
| Modify flows |
|
|
|
|
|
| Delete flows |
|
|
|
|
|
|
Export flows |
|
|
|
|
|
|
View Execution History |
|
|
|
|
|
|
Activate or deactivate Execution History |
|
|
|
|
|
| Clear Execution History |
|
|
|
|
|
| View Flow Chart |
|
|
|
|
|
| Move flows between folders |
|
|
|
|
|
| Duplicate flows |
|
|
|
|
|
Tables
| Permission | Super Administrator | Workflows Administrator | Connection Manager | Workflows Auditor | Unassigned User |
|---|---|---|---|---|---|
| Create tables |
|
|
|
|
|
| View tables |
|
|
|
|
|
| Export tables |
|
|
|
|
|
| Modify tables |
|
|
|
|
|
| Delete tables |
|
|
|
|
|
| Duplicate tables |
|
|
|
|
|
| Move tables |
|
|
|
|
|
Files
| Permission | Super Administrator | Workflows Administrator | Connection Manager | Workflows Auditor | Unassigned User |
|---|---|---|---|---|---|
| Download files |
|
|
|
|
|
| View files |
|
|
|
|
|
Templates
| Permission | Super Administrator | Workflows Administrator | Connection Manager | Workflows Auditor | Unassigned User |
|---|---|---|---|---|---|
| Install templates |
|
|
|
|
|
| Access template resources |
|
|
|
|
|
The Install templates permission means that the user can add a template into Okta Workflows.
The Access template resources permission means that the user can browse the templates on the Templates page and view all template details (names, descriptions, and images).