Loading...
Identity
Enhancing IAM Efficiency: Okta Workflows and Freshservice Connector
July 29th, 2024

Introduction

In the ever-evolving world of Identity and Access Management (IAM), efficiency and security are paramount. Recently, I had the chance to integrate Freshservice with Okta Workflows for one of our clients, and it revolutionized how they handle access requests, provisioning, and deprovisioning. The best part was that Freshservice engineers have already built a connector in Okta Workflows, featuring a few cards (prebuilt API functions) that make the process even easier for the admin composing the automations.  

If you are not yet familiar with either Okta Workflows or Freshservice, please check the following links: 

  • Unlock no-code Identity automation with Workflows 
  • Freshservice: AI-powered ITSM & ESM Solution 

Automating App Access Requests 

Handling app access requests used to be a headache for our client. Employees would submit requests, and IT would manually process them, often leading to delays and errors. But with Okta Workflows, everything changed. The new workflow is quite simple: 

  1. Submission: Employees submit their service requests through Freshservice UI, with each request including custom attributes that map to licenses or roles within the requested app. 
  2. Monitoring: Okta Workflows runs a scheduler every 10 minutes to monitor open service requests. 
  3. Automation: Those requests are validated, and assignments are done automatically. This is where our engineers flex their programming expertise, leveraging the powerful and flexible functions available in the Workflows console. Proper logging and auditing are also included. 
  4. Scalability: Once the solution is in place, adding more apps to the automation is as easy as updating a CSV file or a table, decoupling the engineering team from the process of adding more apps. 

This solution not only speeds up the process but also ensures accuracy. Plus, the requester (and specified stakeholders) gets notified about the status, keeping everyone in the loop. 

Revoking User Access 

Deprovisioning users is a critical area for maintaining security. It is crucial to do this correctly, and with Okta Workflows, we have automated the entire process for our client. The system monitors Freshservice for deprovisioning requests and executes them at the scheduled time. Users are removed access from Okta and all connected apps without any manual intervention. 

All updates about the deprovisioning process are documented in the user’s Freshservice ticket, so our client has a clear record of what happened and when. This has been a significant change for their compliance and audit processes. 

Creating and Managing Tickets 

We also use Okta Workflows to create tickets that notify colleagues about actions needed after deprovisioning. For example, there are applications for which automated deprovisioning is not yet supported. This way, everyone knows their next steps without constant back-and-forth communication. Freshservice serves as the central hub, storing all the records and actions taken, simplifying our client’s workflow. 

Streamlining IAM with No-Code Automation 

One of the most impressive aspects of Okta Workflows is that it is a no-code automation tool. This means that people with no previous programming experience can build workflows. However, having team engineers has enabled us to create more complex flows, enhancing the services we offer our clients. The combination of ease of use and the ability to build sophisticated automations has been invaluable. 

Conclusion 

From my experience, implementing Okta Workflows with Freshservice for our client has transformed their IAM practices. Automating tasks like app access requests and deprovisioning has saved time and reduced errors. This integration has made their workflow more efficient and secure, making their operations smoother. If you are considering streamlining IAM processes for your clients, I highly recommend giving this integration a try. 


About the author

Roxana Martins is an IAM Engineer at Distology Studios and certified Okta Administrator with extensive experience in Process Automation technologies including Okta Workflows.