When a new employee joins an organization, IT teams often need to create the user account, activate it, assign the correct access group, and verify the membership. Performing these tasks manually in Okta can be repetitive and time-consuming.

You can use the actions in the Okta package to automate user on-boarding and access assignment. This automation creates a user, activates the account, locates the appropriate group, adds the user to that group, and verifies the assigned memberships. Some of the benefits are:
  • Faster and more consistent user provisioning.
  • Reduced manual identity administration.
  • Repeatable on-boarding steps with fewer errors.

Prerequisites

  • An existing Okta tenant URL. For example: companyabc.okta.com
  • A configured OAuth2 connection in Control Room. For example: Okta_OAuth
  • The following user-defined variables:
    • OktaSession (String): Stores the active Okta session
    • CreatedUser (Dictionary): Stores the details of the created user
    • GroupDetails (Dictionary): Stores the details of the target group
    • IsAdded (Boolean): Stores the result of the group assignment
    • UserGroups (Table): Stores the list of groups assigned to the user

Procedure

  1. Create an automation named Okta_demo
  2. Drag and drop the Connect action from the Okta package.
  3. In the Connect action:
    • In Domain URL, enter companyabc.okta.com.
    • In OAuth2 Connection, select an existing Control Room connection such as Okta_OAuth.
    • Save the output session to $OktaSession$.
  4. Drag and drop the Create user action.
  5. In the Create user action:
    • Set Session name to $OktaSession$
    • Set Username to alex.morgan@example.net
    • Set Password to TempPass#2026
    • Set User email to alex.morgan@example.net
    • Set First name to Alex
    • Set Last name to Morgan
    • Set Phone to 555-415-1337
    • Set Activate user to true
    • Save the output dictionary to $CreatedUser$
  6. Drag and drop the Get group ID by name action.
  7. In the Get group ID by name action:
    • Set Session name to $OktaSession$
    • Set Group name to Finance Analysts
    • Save the output dictionary to $GroupDetails$
  8. Drag and drop the Add user to group action.
  9. In the Add user to group action:
    • Set Session name to $OktaSession$
    • Set Group ID to $GroupDetails["id"]$
    • Set User ID to $CreatedUser["id"]$
    • Save the Boolean output to $IsAdded$
  10. To verify the membership, add the List user groups action.
  11. In the List user groups action:
    • Set Session name to $OktaSession$
    • Set Username/ID to $CreatedUser["id"]$
    • Save the output table to $UserGroups$
  12. Add a Log to file or Message box action to confirm the results.
  13. In that step, display:
    • User created: $CreatedUser["login"]$
    • Group added: $IsAdded$
    • Group rows: $UserGroups$
  14. If the automation no longer requires the active session, add the Disconnect action, and set Session name to $OktaSession$.