Registration Inline Hook to add manual approval/rejection

Hello,

I want to add approval/rejection to the Okta registration or app assignment flow. The diagram below looks promising except that it looks like the hook is a synchronous call and won’t work for a long running manual process like manual approval/rejection. Any suggestions how to handle this scenario?

Thanks and regards,
Nils

I wonder if the identity engine progressive profiling may offer more async type controls:

1 Like

I have the exact same requirements which I took on today. I will keep you posted if I find a solution. Please let me know if you find the solution early.

1 Like

Hello Nils,

We end up using the Okta event hook, based on the type of event, you can enable the trigger to your external web-service where you can control the approval/rejection.

The detailed process would looks something like-

  1. While user registers, add him/her to temp group and add a low access sign on policy to control the access.
  2. Register event hook and enable it for event like “user activation” or “user to group membership” etc.
    Note: You would need your webservice to be ready for step 2.
  3. Once you receive event payload, you can initiate the business approval workflow.
  4. If approved, make an api call to remove the user from group else remove user from Okta

Reference documentation- https://developer.okta.com/docs/concepts/event-hooks/

Hope this help!

Regards,
Akshay

Hello Akshay,

Thanks for sharing your solution :slightly_smiling_face: This would work. We could then for instance trigger business approval workflow on “user create” or an “import inline hook”. When the manager approves/rejects user we could then call Okta API to “activate user”
or “remove user”.

Thanks and regards,

Nils