Okta Workflows How-To: How to Delete Deactivated Users
Okta Workflows is a no-code platform for automating identity processes. The Workflows team holds weekly office hours where they answer builder questions.
This blog post is based on a question asked during office hours: How to delete deactivated users in Workflows?
Getting started
There are two steps and two flows to delete deactivated users:
- Get deactivated users (flow 1)
- Send them (via stream records) to a helper flow to be deleted (flow 2)
The first flow looks like this (you can start the flow on schedule or run it manually via the Test button):
The flow uses Okta – List Users with Search card where the Status is set to DEPROVISIONED. In the card’s Options, the Result Set is set to Streaming Matching Records. The streaming option directly streams each record to the selected helper flow.
The helper flow looks like this:
The Helper Flow card has two inputs: Record and State (both Object types) Record is the current record passed to this helper flow. The current record has many attributes. For this example you are interested in the user’s ID (type Text) which is passed to Okta – Delete User card to delete the user. The State parameter is used to pass any additional attributes to the helper flow. You don’t have any in this example so it’s ok to leave it empty.
Note: If you use the delete action on an active Okta user, the user will be deactivated, and a second Delete User action is necessary to delete the user.
Get your Workflows questions answered
Do you have a question about Okta Workflows? Not sure how to build a flow? Join the weekly community office hours to get help.
Follow Max Katz
