Okta Workflows How-To: Save User MFA Information to a Workflows Table
Okta Workflows is a no-code platform for automating identity processes.
This blog post is based on a question asked during office hours or the #okta-workflows channel in MacAdmins Slack: How to save user MFA information to a table?
This guide helps you get started with Workflows. Okta support does not assist with custom flow construction using this guide, as it falls outside the scope of standard support. You may need to adjust the flow(s) to meet your needs. For questions, attend community office hours or post on the community forum.
Note: It is not recommended to use a Workflows table for long-term storage. Please read the How to Save User MFA Information to a Google Sheets Spreadsheet in Workflows Knowledge Base article.
Getting started
You get a list of active users and want to save their MFA information to a table. Once the MFA information is in a table, you can review it and reset any MFA factors, if needed.
The solution has three flows:
- List users
- Get MFA information for a user (helper flow)
- Save MFA information to a table (helper flow)
List users
The first flow uses the Okta – List Users with Search card to list active users with the streaming option:
List users flow
The flow calls the User MFA Settings_Helper flow to get MFA information for each user in a list.
Get MFA information for a user
The helper flow below calls /api/v1/users/ID/factors API endpoint using the Custom API Action card to get MFA information for each user in a list.
Helper flow to get MFA information for a user
- With the Helper Flow card, the current record (user) is passed to the helper flow. You need the user ID and user Login fields
- The Compose card creates an API endpoint string URL with the current user ID
- The Custom API Action card calls the Factors API endpoint. The API returns an MFA factor list (a user can have multiple MFA factors)
- Using the List – For Each card, the list is passed to a helper flow that saves the MFA information into a table
Learn how to How to Call an API When It’s Not Available From an Existing Card (Connection)
This is how MFA settings for a user might look:
MFA factors list
Save MFA information to a table
This helper flow saves MFA user information into a table.
Save MFA information to a table
- With the Helper Flow card, the User ID, User Login, and a list of MFA Type object is passed to this flow
- The Object – Get card retrieves the factorType property from the object
- The Tables – Create Row card saves the information into a table
A table with saved MFA information:
User MFA information table
In this guide, you learned how to retrieve user MFA information and save it into a table.
Get your Workflows questions answered
Do you have a question about Okta Workflows? Not sure how to build a flow? Join the weekly community office hours to get help.