Permission type changes for delegated flows
Early Access release. See Enable self-service features.
The role-based access control (RBAC) feature introduces two new permission types to replace existing permissions for delegated flows.
|
Existing permission |
Description |
New permission |
|---|---|---|
|
okta.workflows.read |
The admin can view delegated flows |
okta.workflows.flows.read |
|
okta.workflows.invoke |
The admin can view and run delegated flows |
okta.workflows.flows.invoke |
When you initially enable the RBAC feature, the System Log records the addition of the new permission types for all roles that had the existing permission type.
After RBAC is enabled, Okta also adds or removes the corresponding new permission when you add or remove an existing permission. For example, adding the okta.workflows.invoke permission to a user also adds the okta.workflows.flows.invoke permission.
If you disable the RBAC feature, the System Log contains events for the removal of the new permission types.