October 3, 2022

Robotic Notes

All technology News

Workflows Tips#11: Random 6-Digit PIN, Calling Okta API,and Sign-In Based on Location – Java Code Geeks

3 min read


Welcome to another Okta Workflows Tips post. Read all previous tips.

In this post:

  • How to generate a random 6-digit PIN
  • Using Custom API Action to create a user without credentials (via Okta API)
  • How to monitor sign-in based on geographic location

How to generate a random 6-digit PIN

This tip is from Arek Dreyer. Arek is a Senior Product Engineer at kandji.io, which provides next-generation Apple device management for macOS, iOS, iPadOS, and tvOS. Arek spent over 20 years as an independent trainer, author, and consultant, and in 2021 he joined Kandji. He was super happy to discover the community of admins that love helping each other solve problems in the Okta Workflows space.

This tip shows how to generate a 6-digit PIN where the first digits can be zero.

Flow to generate a random 6-digit PIN
Output from running a flow to generate a 6-digit PIN

The flow has two steps:

  1. Generate a 7-digit random number between using Number – Random Integer card
  2. Use Text – Text Segment card to leave out the first digit and you end up with a 6-digit PIN where the first digit can be a zero

This is a cool tip (or a hack) for a specific use case.

Thank you to Gabriel Sroka for helping find this solution.

Using Custom API Action to create a user without credentials (via Okta API)

This tip is from Bryan Barrows, Workflows Builder Advocate at Okta.

In this tip, you will learn how to send a POST request to Okta to Create a user without credentials.

First, you need to create a profile object to include in your request payload – this will contain the information about the user you wish to create.

Custom API Action card

You can leverage the Object – Construct function to create the inner object with keys for firstName, lastName, etc. You can then feed the output of this card into another Object – Construct with a key of profile.

The resulting output of our second card is an object that matches what Okta’s API expects for this request and looks like this:

{
  "profile": {
    "lastName": "User",
    "email": "example.user@test.com",
    "mobilePhone": "555-415-1337",
    "firstName": "Example",
    "login": "example.user@test.com"
  }
}

You can then add the Octa – Custom API Action card with an action of POST. The full endpoint we want to hit is https://${yourOktaDomain}/api/v1/users?activate=falseso the Relative URL for the request will be / api / v1 / users? activate = false.

With your constructed profile object and relative URL, you are now able to use the Octa – Custom API Action to POST to Octa’s API.

How to monitor sign-in based on geographic location

This tip is from Bryan Barrows, Workflows Builder Advocate at Okta.

This tip is based on a real use-case in which a customer wanted to monitor whether users who have a country code of UA in their profile attempt to sign in from outside Ukraine – however, the logic can easily be customized for many unique scenarios .

User Sign In Attempt

The flow has the following steps:

  1. Leverage the Octa – User Sign In Attempt event to fire a workflow anytime a user attempts to sign in.
  2. Add an Octa – Read User card and drag the Actor ID into the input field. We’ll also want to select the Country Code as an output field.
  3. Add a Branching – Continue If function and check if the user’s country code matches the one that you care about monitoring. If it doesn’t, we don’t need to do anything and the flow will stop.
  4. Add an Object – Get Multiple function and retrieve the geographical context of the sign-in event using dot notation by creating an output with a key name of client.userAgent.geographicalContext.country
  5. Add a Branching – If Else function and check that the output of Step 4 is equal to the expected country for the user to sign in from. When that is not the case, the False lane will execute, so any actions you want to take like sending a Slack message, etc, can be put here.

That’s all for now. Let me know if you have any tips you would like to share.



Source link