# OKTA ## Introduction This document provides comprehensive and up-to-date instructions for integrating OKTA into Autom Mate. The integration enables users to perform identity and access management operations directly within Autom Mate workflows, such as retrieving users, groups, roles, and application assignments. Through this integration, Autom Mate users can automate identity tasks like user lookups, group membership checks, and role queries, all without writing any code. ## What is OKTA? OKTA is a leading identity and access management platform that enables secure access to applications and data. It offers features such as single sign-on (SSO), user provisioning, directory integration, and multi-factor authentication. Organizations use OKTA to centralize and secure user identity, simplify access management, and streamline IT operations. With Autom Mate, OKTA becomes a programmable part of your workflow automation. Autom Mate Integration with OKTA Autom Mate provides several built-in actions under the OKTA integration, allowing seamless interaction with your OKTA environment. These actions include retrieving group members, listing users, viewing app assignments, and more. #### 🔐 Prerequisite Before using the OKTA integration in Autom Mate: 1. Navigate to the [Vault](/userguide/product-features/management/vault.md) Page in Autom Mate (under the Management section). 2. Create a Vault Credential: 3. Go to the Application Credentials tab. 4. Click “New App Credentials.” 5. Search for or select “OKTA”. 6. Fill Required Fields: 7. Connector Name 8. Authentication Type (e.g., API token) 9. OKTA Domain URL 10. API Token 11. Test & Save 1. Use “Test Connect” to validate the credentials. 12. Click “Connect & Create” to save. ## Using the Integration To use the OKTA integration in Autom Mate: 1. Select a pre-built OKTA action (e.g., “Create a User” or “Manage User lifecycle”) from the Integration Library. 2. Provide required inputs such as Username, Recovery Question, or User Lifecycle, depending on the action being used. 3. Execute the action and apply logic or next steps using the results. ## How to Use Actions ### Create a User #### Description and Purpose The OKTA - Create a User action allows Autom Mate users to create a new user account in their OKTA environment. This is useful for automated user provisioning scenarios, such as onboarding employees or setting up new external users. The action supports required identity fields as well as optional security and group assignment settings. #### Usage Instructions {% stepper %} {% step %} Select App Credential App Credential (Required): Select the credential that connects Autom Mate to OKTA. \ Example: OKTA\_Credential {% endstep %} {% step %} Provide Username Username (Required): Enter the unique username for the new user. \ Example: john.doe This will be used as the login identifier. {% endstep %} {% step %} Provide Email Email (Required): Enter the email address of the new user. \ Example: This should match the user’s actual contact email address. {% endstep %} {% step %} Provide First Name First Name (Required): Enter the user's first name. \ Example: John {% endstep %} {% step %} Provide Last Name Last Name (Required): Enter the user's last name. \ Example: Doe {% endstep %} {% step %} (Optional) Provide a Password Password: Define a secure password for the new user account. \ Example: StrongPassw0rd! {% endstep %} {% step %} (Optional) Provide a Recovery Question Recovery Question: Set a recovery question for password resets. \ Example: What is your favorite book? {% endstep %} {% step %} (Optional) Provide a recovery Question Answer Recovery Question Answer: Provide the answer to the recovery question. \ Example: The Great Gatsby {% endstep %} {% step %} (Optional) Provide Group IDs Group IDs: Provide one or more Group IDs in array format if the user should be added to specific OKTA groups. \ Example: \["00gr1abcd123", "00gr2efgh456"] {% endstep %} {% step %} Execute and Review Run the action. After execution, the selected variables will store the newly created OKTA user profile and metadata. You can use these variables in follow-up steps, such as assigning licenses, sending notifications, or triggering conditional logic based on the creation status. {% endstep %} {% endstepper %} #### Inputs
Field Description
App Credential Select the credential for connecting to OKTA (e.g. OKTA_Credential).
Username Unique username for the user. (e.g. John.Doe ).
Email Email address of the user (e.g. john.doe@example.com).
First Name User's first name (e.g. John).
Last Name User's last name. (e.g. Doe)
Password (Optional) Password to assign to the user (e.g. StrongPassw0rd!).
Recovery Question (Optional) Question used for password recovery (e.g. What is your favorite book?).
Recovery Question Answer (Optional) Answer to the recovery question (e.g. The Great Gatsby).
Group IDs (Optional) List of group IDs to assign the user to (e.g. 00gr1abcd123).
Outputs
Field Description
Output Body Contains the full user data returned after account creation.
Output Header Contains metadata such as HTTP status code and response messages.
### Get Password Reset Link #### Description and Purpose The OKTA Get Password Reset Link action allows Autom Mate users to generate a password reset link for a specified user in their OKTA environment. This action is useful in user support workflows such as password recovery or temporary access restoration. It offers options to notify the user by email and revoke existing sessions if necessary. #### Usage Instructions {% stepper %} {% step %} Select App Credential App Credential (Required): Select the credential that connects Autom Mate to OKTA. \ Example: OKTA\_Credential \ This credential enables secure interaction with your OKTA tenant. {% endstep %} {% step %} Provide User Login User Login (Required): Enter the username (login) of the user who needs a password reset link. \ Example: jane.doe \ This value identifies the target user in OKTA. {% endstep %} {% step %} Decide Whether to Send Email Send Email? (Required): Choose whether the reset link should be sent to the user via email. \ Example: Yes \ Set to Yes to automatically email the reset link, or No if you intend to send it through another channel. {% endstep %} {% step %} (Optional) Revoke User Sessions Revoke Sessions of the User: \ Choose whether to revoke all active sessions for the user. \ Example: Yes \ This ensures that the user must re-authenticate with a new password. {% endstep %} {% step %} Execute and Review Run the action. After execution, the selected variables will store the password reset link and response metadata. You can use the reset link in follow-up steps, such as notifications or audits.
{% endstep %} {% endstepper %} #### Inputs
Field Description
User Login Username of the user who should receive a reset link (e.g. jane.doe).
Send Email? Choose whether to send the link via email (e.g. Yes).
Revoke Sessions of the User Choose whether to revoke all current sessions (e.g. Yes).
Outputs
Field Description
Output Body Contains the password reset link and related user data.
Output Header Contains HTTP metadata such as status code and headers.
### Manage User Lifecycle #### Description and Purpose The OKTA – Manage User Lifecycle action allows Autom Mate users to change the lifecycle state of a user within their OKTA environment. This includes operations such as activating, deactivating, suspending, or unsuspending a user. It is especially useful for automated employee onboarding, offboarding, or access control procedures. #### Usage Instructions {% stepper %} {% step %} Select App Credential App Credential (Required): Select the credential that connects Autom Mate to OKTA. \ Example: OKTA\_Credential \ This credential enables secure communication with the OKTA instance. {% endstep %} {% step %} Provide User Login User Login (Required): Enter the login (username) of the user whose lifecycle state you want to manage. \ Example: john.doe \ This identifies the user in OKTA. {% endstep %} {% step %} Define Lifecycle Event User Lifecycle (Required): Specify the lifecycle event to perform, such as activate, deactivate, suspend, or unsuspend. \ Example: deactivate \ This determines the lifecycle transition for the specified user. {% endstep %} {% step %} Execute and Review Run the action. The result will be stored in the selected output variables. Use these outputs to validate the lifecycle change or take additional automated steps such as logging, alerting, or auditing. {% endstep %} {% endstepper %} #### Inputs
Field Description
App Credential Select the credential for connecting to OKTA (e.g. OKTA_Credential).
User Login Login name of the target user (e.g. john.doe).
User Lifecycle Lifecycle event to perform (e.g. deactivate).
#### Outputs
Field Description
Output Body Contains the OKTA response confirming the lifecycle change.
Output Header Contains metadata such as HTTP status code and headers.
### View All Groups #### Description and Purpose The OKTA – View All Groups action allows Autom Mate users to retrieve a complete list of groups configured within their OKTA environment. This is useful for administrative and governance tasks, such as managing group assignments, performing audits, or dynamically referencing group IDs in automated workflows. #### Usage Instructions {% stepper %} {% step %} Select App Credential App Credential (Required): Select the credential that connects Autom Mate to OKTA. \ Example: OKTA\_Credential \ This credential enables authorized access to group data within your OKTA environment. {% endstep %} {% step %} Execute and Review Run the action. The output will contain the full list of groups available in your OKTA tenant, which can be used in further automation steps like user-to-group mapping, reporting, or configuration. {% endstep %} {% endstepper %} #### Inputs
Field Description
App Credential Select the credential for connecting to OKTA (e.g. OKTA_Credential).
#### Outputs
Field Description
Output Body Contains the full list of groups retrieved from OKTA.
Output Header Contains metadata such as HTTP status code and response headers.
### View All Users #### Description and Purpose The OKTA – View All Users action allows Autom Mate users to retrieve a list of users from their OKTA environment. This can be used for audits, reporting, or dynamic user-based workflows. Optionally, the action supports filtered queries to narrow down results to specific users based on criteria such as email or status. #### Usage Instructions {% stepper %} {% step %} Select App Credential App Credential (Required): Select the credential that connects Autom Mate to OKTA. \ Example: OKTA\_Credential \ This credential enables secure access to the OKTA user directory. {% endstep %} {% step %} (Optional) Provide Filter Filter: Provide a query string to filter users (e.g., by email or attribute). \ Example: \ This allows you to retrieve specific user records instead of all users. {% endstep %} {% step %} Execute and Review Run the action. The output body will include the retrieved user list. You can apply further logic to loop through users, assign roles, or log results. {% endstep %} {% endstepper %} #### Inputs
Field Description
App Credential Select the credential for connecting to OKTA (e.g. OKTA_Credential).
Filter (Optional) Query to filter users (e.g. q=test@autommate.com).
#### Outputs
Field Description
Output Body Contains the retrieved list of users from OKTA.
Output Header Contains metadata such as HTTP status code and response headers.
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.autommate.com/userguide/libraries/integration/okta.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.