Parent flows and other flow types

Parent and helper flows are the two primary types of flows that you can run on the Workflows platform.

In the Workflows interface, a child flow is now referred to as a helper flow. The functionality for such flows remains unchanged.

A parent flow (the caller) can be one of the following:

  • An event flow triggered by a third-party application event such as the Record Updated event card for the Salesforce connector

  • A Schedule flow scheduled to run at predetermined intervals

  • An API Endpoint flow that runs against a specified API endpoint

  • A delegated flow that can be assigned to and run by an admin user who is specified in the Okta Admin Console

A helper flow, on the other hand, can be called from any parent flow to perform a repeated action such as querying a list. Once the helper flow is called by the parent, it becomes active and runs. Otherwise, it remains inactive.

In Folder view, all flows that belong to a particular folder are listed and can be sorted by type, their active status, their name, their author, their date cared, or the date when they were last edited.

Note that a type is displayed for each flow in a folder.

About application event flows

Flows that run based on an application event run when an action takes place in Okta or a third-party application. These are basic examples of such events:

  • A user is added to an application in Okta
  • A new customer is created in Salesforce
  • A new row is added to a Google Sheet

Many application events, including those from Okta, are triggered in response to an incoming webhook. The external system makes an HTTP call to Workflows immediately when the specified event occurs, and that event-based flow runs.

About scheduled flows

A scheduled flow is used to run on a schedule, such as once an hour, 5pm on Fridays, or at 9am on the first day of every month.

Adding a scheduled flow event prompts you to provide the schedule details. You can change the schedule by clicking the clock icon at the bottom of the card. Note that you can similarly adjust the schedule of most application events. For example, you can set a Salesforce - New Record event to check for new records every Friday at 5pm rather than every 5 minutes.

The schedule goes into effect only after the flow has been turned on.

Each scheduled flow card has the following outputs:

  • Current Time: Date and time that the current instance of the flow was initiated (in ISO UTC format). This can be passed to any text or date & time input.

  • Execution ID: Unique ID of the flow instance.

About API Endpoint flows

API Endpoint flows are flows that can be triggered from an outside source. Unlike flows that start with events associated with an application, these flows can be triggered at any time, so long as the client is hitting the appropriate endpoint with the appropriate security setting.

The client calling the endpoint causes the flow to execute and the client receives back the output of that execution of the flow.

You can expose this API endpoint in two ways:

  • Exposed as a Webhook: A flow exposed at this security level will only be able to be accessed if the client making an invoke / resume / retry request is passing along the proper client token along with the proper invoke URL (which includes a flow alias). For more information about client tokens and flow aliases, see Flow client token and Flow aliases.
  • Exposed as a Public Service: A flow exposed at this security level will be available to anyone with the invoke URL. This invoke URL is built off of the flow alias.

You change how you want to expose an API endpoint from the API Endpoint Settings dialog.

Once you’ve decided how you want your API Endpoint to be properly exposed, you may then invoke the flow.

About delegated flows

To learn more about delegated flows, see Delegated flows.

Related topics

Build and test a flow