Okta connector
Okta provides tools to manage access and authentication based on identity. You can create, update, list, and delete users, add users to groups, assign users to apps, and make custom calls to the Okta API.
Authorize your Okta account
When you add an Okta card to your flow, you need to authorize an account from your Okta org. See Authorization.
Revoke Okta tokens
When you've deleted a user or a connection to your Okta org, the connector revokes all associated access tokens. You don't have to delete the tokens manually.
Guidance for Okta connector
Refer to this information for guidance and best practices when using the Okta connector in your flows. See Guidance for Okta connector.
For information about how Okta connector cards impact the rate limits for your environment, see Workflows system limits.
Scopes
Grant the required scopes for each of the event and action cards that you want to use in your Okta connector. See Scopes for Okta connector cards.
Okta connector event cards
| Event | Description |
|---|---|
|
Trigger a flow when a decision on the access to a resource is made in Okta. |
|
|
Trigger a flow when an Access Request is created in Okta. |
|
|
Trigger a flow when an Access Request is resolved in Okta. |
|
|
Trigger a flow when an API token is created in Okta. |
|
|
Trigger a flow when an API token is revoked in Okta. |
|
|
Trigger a flow when an application is activated in Okta. |
|
|
Trigger a flow when an application is created in Okta. |
|
|
Trigger a flow when an application is deactivated in Okta. |
|
|
Trigger a flow when an application is deleted in Okta. |
|
|
Trigger a flow when an application is updated in Okta. |
|
|
Trigger a flow when an authenticator is activated in Okta. |
|
|
Trigger a flow when an authenticator is deactivated in Okta. |
|
|
Trigger a flow when a device is activated for Okta Verify. |
|
|
Trigger a flow when a device is added to a user for Okta Verify. |
|
|
Trigger a flow when a device is deactivated for Okta Verify. |
|
|
Trigger a flow when a device is deleted from Okta Verify. |
|
|
Trigger a flow when a new device is registered successfully for Okta Verify. |
|
|
Trigger a flow when a device is suspended for Okta Verify. |
|
|
Trigger a flow when a device is unsuspended for Okta Verify. |
|
|
Trigger a flow when a group is successfully created in Okta. |
|
|
Trigger a flow when a group is successfully deleted in Okta. |
|
|
Trigger a flow when a group admin privilege is granted in Okta. |
|
|
Trigger a flow when a group admin privilege is revoked in Okta. |
|
|
Trigger a flow when Okta group profile is updated. |
|
|
Trigger a flow when a group push in Okta fails. |
|
|
Trigger a flow when an import process creates a group in Okta. |
|
|
Trigger a flow when an import process deletes a group in Okta. |
|
|
Trigger a flow when an import process completes in Okta. |
|
|
Trigger a flow when the percentage of unassigned application exceeds the specified threshold safeguard during user import in Okta. |
|
|
Trigger a flow when an import process is started in Okta. |
|
|
Trigger a flow when a policy is activated in Okta. |
|
|
Trigger a flow when a user signs in and a verification phone call is sent in Okta. |
|
|
Trigger a flow when a user signs in and a verification SMS is sent in Okta. |
|
|
Trigger a flow when a policy is deactivated in Okta. |
|
|
Trigger a flow when a policy rule is activated in Okta. |
|
|
Trigger a flow when a policy rule is added in Okta. |
|
|
Trigger a flow when a policy rule is deactivated in Okta. |
|
|
Trigger a flow when a policy rule is deleted in Okta. |
|
|
Trigger a flow when a policy rule is updated in Okta. |
|
|
Trigger a flow when a policy rule is updated in Okta. |
|
|
Trigger a flow when an OAuth2 app is granted consent by a user in Okta. |
|
|
Trigger a flow when an org-wide rate limit is approaching the maximum limit in Okta. |
|
|
Trigger a flow when an org-wide rate limit is exceeded in Okta. |
|
|
Trigger a flow when suspicious activity is reported in Okta. |
|
|
Trigger a flow when a user account auto-locks in Okta. |
|
|
Trigger a flow when a user account auto-unlocks in Okta. |
|
|
Trigger a flow when a user is activated in Okta. |
|
|
Trigger a flow when a user is assigned to a group in Okta. |
|
|
Trigger a flow when a user's app password is changed. |
|
|
Trigger a flow when a user is assigned to an application in Okta. |
|
|
Trigger a flow when a user is created in Okta. |
|
|
Trigger a flow when a user is deactivated in Okta. |
|
|
Trigger a flow when a user is deleted in Okta. |
|
|
Trigger a flow when a user is authenticated through multifactor authentication (MFA). |
|
|
Trigger a flow when a user activates a new multifactor authentication (MFA) factor. |
|
|
Trigger a flow when a user deactivates a multifactor authentication (MFA) factor. |
|
|
Trigger a flow when all of a user's multifactor authentication (MFA) factors are reset. |
|
|
Trigger a flow when a user suspends a multifactor authentication (MFA) factor in Okta. |
|
|
Trigger a flow when a user unsuspends multifactor authentication (MFA) factor in Okta. |
|
|
Trigger a flow when a user's admin privilege is granted in Okta. |
|
|
Trigger a flow when a user's admin privilege is revoked in Okta. |
|
|
Trigger a flow when an Okta admin resets the user's Okta password. |
|
|
Trigger a flow when a user's Okta password is updated. |
|
|
Trigger a flow when a user's Okta profile is updated. |
|
|
Trigger a flow when a user's password is imported in Okta. |
|
|
Trigger a flow when a user is reactivated in Okta. |
|
|
Trigger a flow when a user is removed from a group in Okta. |
|
|
Trigger a flow when a user signs into Okta. |
|
|
Trigger a flow when a user signs out of Okta. |
|
|
Trigger a flow when a user is suspended in Okta. |
|
|
Trigger a flow when an admin syncs users from an external application to Okta. |
|
|
Trigger a flow when a user is unassigned from an application in Okta. |
|
|
Trigger a flow when a user is unsuspended in Okta. |
Okta connector action cards
| Action | Description |
|---|---|
|
Activate an Okta application. |
|
|
Activate a specific group rule by ID from your organization. |
|
|
Activate an Okta user by ID or username. |
|
|
Add a new Okta user to a group. |
|
|
Assign a group to an application in Okta. |
|
|
Assign a user without a profile to an app for SSO in Okta. |
|
|
Assign a user to an app with credentials and an app-specific profile. |
|
|
Update an in-progress import session in Okta by creating or updating users in Okta. |
|
|
Remove all active Identity Provider sessions. |
|
|
Create a group in Okta. |
|
|
Create a group rule to dynamically add users to the specified group if they match specified condition values. |
|
|
Create an import session in Okta. |
|
|
Create a user in Okta. |
|
|
Use a Custom API action card to make an authenticated request to the Okta API. |
|
|
Deactivate an Okta application. |
|
|
Deactivate a specific group rule by ID from your organization. |
|
|
Deactivate a user in Okta. |
|
|
Delete an Okta application. |
|
|
Remove a group from your Okta organization. |
|
|
Remove a specific group rule by ID from your organization. |
|
|
Delete an import session in Okta. |
|
|
For the associated user, specified by ID, and the relationship, specified by primary name, delete any existing relationship between the associated and primary user in Okta. |
|
|
Delete a deactivated Okta user by ID. |
|
|
Search Okta users with a query. |
|
|
Fetch a specific user assignment for an app by ID. |
|
|
For the specified ID, return the list of associated user IDs and self-links, based on the relationship between the primary user and the associated names in Okta. |
|
|
For the specified ID of an associated user, returns the primary user ID and self-link, as defined by the relationship with the primary name in Okta. |
|
|
Retrieve an Okta user's current group memberships. |
|
|
List applications assigned to a group in Okta. |
|
|
List applications assigned to a user in Okta. |
|
|
List the members of an Okta group. |
|
|
List group assignments for an application in Okta. |
|
|
List all active import sessions for an identity source. |
|
|
List all assigned users for an app. |
|
|
List users in Okta based on the filter provided. |
|
|
Search for users based on the properties specified in the search parameter. |
|
|
Create a list of Okta users expected by the Okta API. |
|
|
List an application in Okta. |
|
|
Read an application group assignment in Okta. |
|
|
Read an Okta group's information by ID. |
|
|
Read an Okta group rule by ID. |
|
|
Read information about an import session in Okta. |
|
|
Read an Okta user's system information and profile properties by ID or username. |
|
|
Remove a group from an application. |
|
|
Remove a user from an application. |
|
|
Remove an Okta user from the group. |
|
|
Reset a user's password in Okta. |
|
|
Search for applications based on the application Name or Label in Okta. |
|
|
Search groups with a query. |
|
|
Search all group rules for your organization. |
|
|
Search for log events from your organization's System Log in Okta. |
|
|
Set the associated user and the primary user specified by ID for the relationship specified by primary name in Okta. |
|
|
Suspend an Okta user by ID or username. |
|
|
Trigger an import session in Okta that is ready for processing. |
|
|
Unsuspend an Okta user by ID or username. |
|
|
Update an app user's credentials. |
|
|
Update an app user's profile. |
|
|
Update the profile for a group in Okta. |
|
|
Update a group rule in Okta. |
|
|
Update an Okta user's system information and profile properties by ID or username. |