About a flow client token
Flows at the lowest level of security are accessed by its alias alone.
A flow client token is used as a query parameter on medium security level flows. The Webhook level of security allows a client to pass along this token to identify itself as a safe party to Okta Workflows.
For added security, you can also pass the token in the x-api-client-token header.
Anyone with this client token will be able to access this flow with the following Okta Workflows API routes:
Invoke a flow
Resume a paused flow
Retry a flow
Generate an Open API Specification for this flow
For more information about these routes, see Okta API documentation.