For the Okta Workflows to interract with the Okta platform, we need to set up an Okta Connections. For more information about the Workflow Connections, check the this post
Click + New Connection and select Okta from the Menu.
We need to set a few option
The domain will be your-domain.okta.com or your-domain.oktapreview.com
Finally we need to specify the Client ID and Client Secret. We need to go to our Okta admin portal and find the Okta Workflow OAuth app. The Okta Workflow app is used to access the Portal while the Okta Workflow OAuth app is used for authentication.
For the Okta Workflow OAuth app under Okta API Scopes, we can define the Okta resources the Workflows can access.
You can get the full list of the Scopes here with a brief description per scope. Also this Okta link can help you understand which Scope needs to be granted so we can use a specific action. For example if we want to use the action:User Assigned to Application, the Scope okta.apps.read must be granted.
Under the Sign On tab, we can copy/past the Client ID and Client secret
Let's paste that to our Okta Connection in the Workflow Platform and then Press Save to applu the changes.
If we want to limit the scope of this connection, we can edit the Permissions TAB
📔 Note: If we make changes to the Scope on the Okta Admin portal (add more Scopes), then we need to Reuthorise the Connection for the changes to be reflected to the Okta Workflow Portal.
No comments:
Post a Comment