Flow client token
At the lowest level of security, you can access a flow only using its alias.
For medium security flows, a unique client token is used as a query parameter. This level of security allows a client to pass along a token to identify itself as a safe party to Okta Workflows. You can also pass the token inside the x-api-client-token header.
Anyone with the client token can access your flow through the following Okta Workflows API routes:
-
Invoke a flow
-
Resume a paused flow
-
Retry a flow
-
Generate an open API specification for this flow