New look and feel in Okta Workflows
The Okta Workflows Console now has the same look and feel as other Okta apps. These updates include redesigned side and top navigation menus and the addition of a gray background.
Okta Workflows tables limit increase
For Okta Workflows customers on a paid subscription level, the per org limit on Workflows tables has been increased from 100 to 200 tables.
See Flow Tables in Workflows system limits.
Role-based access control is now GA for production orgs
As Okta Workflows can make comprehensive changes both inside Okta and out to other connected SaaS apps, access to Workflows was previously restricted to Okta super admins. While this regulation enhanced the security of Okta Workflows, it limited the number of users, restricted the scalability of Okta Workflows, and reduced overall value to customers.
With role-based access control (RBAC), you can now assign Workflows privileges to more users without granting unnecessary access.
To support this feature, three new admin roles are available:
- Workflows Administrator: For full-access administration, within Okta Workflows only
- Workflows Auditor: For compliance management with read-only access
- Connection Manager: For securely handling accounts and credentials
RBAC allows customers to expand the use of Okta Workflows beyond super admins, enabling more team members to build, run, and manage Workflows securely and efficiently.
See Access Control.
There are four new event types that record the RBAC feature activity in the Okta System Log:
- workflows.user.role.user.add
- workflows.user.role.user.remove
- workflows.user.role.group.add
- workflows.user.role.group.remove
See the Event Types API.
Okta Workflows Certificate Authority updates
Root certificates used by Okta Workflows now reflect current certificates as of December 31, 2024. Also, any root Certificate Authority (CA) entities that were removed from the Common CA database after March 11, 2023 will be deprecated in the 2025.03.0 release.
Polling Monitors feature added to Connector Builder
Many APIs support real-time notifications using webhooks, but for remote services that don’t support webhooks, triggering automation flows based on new data relies on manual checks or inefficient workarounds. Without access to scheduled updates, admins rely on manual data exports or custom scripts to continuously check for new or updated changes; these processes add complexity and operational overhead.
With the introduction of Polling Monitors in Connector Builder, admins can create custom event triggers to process updated data from APIs without webhook support. Polling monitors make scheduled requests for new events, giving admins full control over when and how their flows respond to new data.
Whether detecting new support tickets in a help-desk system, syncing user updates from a CRM app, or monitoring changes in a third-party service, polling monitors let admins integrate with more services and capture important events.
See Polling monitor events and Build a polling monitor event flow.
Type Of and Cursor function cards now available in Connector Builder
When working with APIs that return ambiguously typed data, the Type Of card identifies whether a returned value has a Text, Number, True/False, Object, Date & Time, or File type. It also detects Lists, making it easier to handle dynamic data structures in your connector flows.
See the Type Of function card.
Also, this release includes the Cursor card for Connector Builder. This Flow Control function card allows builders to save a metadata value for use in creating polling monitor events.
See the Cursor function card.
Connector Builder improvements
When creating a helper flow for a specific context, Connector Builder automatically adds the appropriate event and return cards.
Workflows templates
The following Okta Workflows templates are now available:
See Available Workflows templates.
Fixes in Okta Workflows
- The Get All Licenses card returned an outdated list of licenses from Google Workspace.
- The Assign License to User and Unassign License from User cards for Google Workspace returned invalid values for the License Name.
- The Read User Licenses card didn’t return all licenses that were associated with a particular user in Google Workspace.
- When searching for a user’s licenses, the Google Workspace Read User Licenses card didn’t accept uppercase letters for the Primary Email input field.