Okta Workflows How-To: Fix the 403 Forbidden Error When Using Search Systems Logs Card

Okta Workflows is a no-code platform for automating identity processes. 

This blog post is based on a question asked during office hours or the #okta-workflows channel in MacAdmins Slack: How to fix the 403 forbidden error when using the Search Systems Logs card?

Getting started

Okta – Search Systems Logs card allows you to search the Okta log by a keyword (and also expression, set in Options):

workflows_howto_search_logs.png (506×1272)Search Systems Logs card

When you run a flow with this card, you might get a 403 Forbidden error:

workflows_howto_search_logs_error.png (596×1226)403 Forbidden error with Search Systems Logs card

To fix this error, you need to grant an additional scope to the Okta connection.

  1. From the Admin Console, go to Applications > Applications
  2. Click Okta Workflows OAuth
  3. Open Okta API Scopes tab
  4. Find the okta.logs.read scope and click Grant
  5. For this scope to take effect, you need to reauthorize the connection being used

workflows_howto_search_logs_grant.png (1248×428)Granting a scope to a connection

After you reauthorize, rerun the flow. The card is now able to search the logs:

workflows_howto_search_logs_success.png (740×1214)Search Systems Logs card

Thanks to Bryan Barrows (LinkedIn, blog) who helped with this question on the MacAdmins Slack channel.

Get your Workflows questions answered

Do you have a question about Okta Workflows? Not sure how to build a flow? Join the weekly community office hours to get help.