AUTOMATE LIFECYCLE MANAGEMENT

&
WORKFLOWS
 When we talk about the provisioning
capabilities of Okta, we’re essentially
talking about the ability of an Okta admin
to manage an entire user lifecycle. Think
about the manual process a system
administrator must go through when
onboarding a new employee. They might
have to first create a new account within
Active Directory for that employee, create a
new account within Okta, and then finally
create accounts in any of the applications
the employee may need access to, such as
Box, Workday, or Salesforce. It is a very
tedious, time consuming and manual
process.
 With Okta provisioning, we can help automate some of these processes. When available,
Okta provisioning can cover the entire user lifecycle, from creating the new user account to
updating the user attributes within the account and, when the employee leaves the
company or no longer requires access to the account, can even deprovision the account

 It is up to the service provider to determine via their application programming interface or

API as to whether or not provisioning capabilities will be available. When adding an
application from the Okta Integration Network or OIN, should you want to focus your search
to only those applications which do support provisioning, you can use the Supports
Provisioning filter located on the left to view only applications which support provisioning
features.
 Okta's Lifecycle Management
(LCM) helps connect users with
apps. With LCM you are able to
automate all lifecycles with any
business process for external
and internal users.
 LCM offers prescriptive
provisioning/deprovisioning
paths.
 Simply click a checkbox to
enable creates, updates, and
deactivates.
 LCM also makes it easy to
provision accounts to apps.
 In some cases, customers
need to build bespoke
workflows to handle unique
business process. They need
to add logic, timing, and
multiple actions to their
joiner, mover, and leaver
processes. In other cases,
customers simply need to do
more within a specific
application. For example, in
addition to provisioning a
base account in Box, IT
might need to also set
entitlements or set folder
shares.
 Many customers who attempt to automate are using custom scripts or code. But that’s
problematic in two ways:
 First, it’s expensive and requires a certain skill set. Second, it’s not maintainable. What
happens when that coder leaves your organization?

Okta's Workflows is the next step. Workflows allow you to automate identity-specific tasks
across apps without requiring code.
THE BENEFITS OF WORKFLOWS OVER CUSTOM CODE
THE FOUR MAJOR USE CASES OF WORKFLOWS

Comprehensive More Complex “Joiner,

Provisioning for any APP Mover, Leaver” Flows

Resolve Identity Conflicts Logging and Alerting on

and Other Data Issues key Lifecycle Events
 CONNECTORS
 Okta AND CONNECTIONS
Workflows includes a set of connectors that allow
you to talk to other applications without having to know
programming or APIs. For example, instead of sending a
POST request to Slack’s API, you can simply select Create
User within the pre-built connector. For your identity use
cases, flows can automate processes like app provisioning
and deprovisioning, reporting of suspicious activity, and
new customer sign-up. You simply connect your
applications, specify the trigger event, and fill in the
details.

 A connection refers to a unique access level for a specific

user to that application. To send data to and from an
application, you need to establish a connection to that
application. The connection authorizes the application to
interact with Okta. Each application controls access in
different ways, whether through an API token or through
OAuth scopes, and each user has different access levels
depending on their permission levels in that application
(for example, admin vs. end-user). A single connector can
have many connections depending on the number of users
in your Workflows environment.