Okta · Arazzo Workflow

Okta Create Policy with Rule and Activate

Version 1.0.0

Create a policy, add a rule to it, and activate the policy.

1 workflow 1 source API 1 provider
View Spec View on GitHub IdentityWorkforce IdentityCustomer IdentityAuthenticationAuthorizationSingle Sign-OnMulti-Factor AuthenticationIdentity GovernancePrivileged AccessAI AgentsCross-App AccessMCPPlatformArazzoWorkflows

Provider

okta

Workflows

create-policy-with-rule
Create a policy, attach a rule, and activate it.
Creates a policy of the supplied type, creates a rule under it, then activates the policy.
3 steps inputs: oktaApiToken, policyDescription, policyName, policyType, ruleName outputs: policyId, ruleId
1
createPolicy
createPolicy
Create a policy of the supplied type without activating it yet.
2
createRule
createPolicyRule
Create a rule under the newly created policy to define its behavior.
3
activatePolicy
activatePolicy
Activate the policy now that it has a rule, so it begins taking effect.

Source API Descriptions

openapi
oktaApi https://raw.githubusercontent.com/api-evangelist/okta/refs/heads/main/openapi/okta-openapi-original.yml

Arazzo Workflow Specification

okta-create-policy-with-rule-workflow.yml Raw ↑ 
arazzo: 1.0.1
info:
  title: Okta Create Policy with Rule and Activate
  summary: Create a policy, add a rule to it, and activate the policy.
  description: >-
    Builds a complete Okta policy in one flow. The workflow creates a policy of
    a given type, adds a rule under that policy to define its behavior, and then
    activates the policy so it begins to take effect. The new policy id is
    chained from creation into both the rule creation and the activation steps.
    Every step spells out its request inline, including the SSWS API token
    header, so the flow can be read and executed without opening the underlying
    OpenAPI description.
  version: 1.0.0
sourceDescriptions:
- name: oktaApi
  url: ../openapi/okta-openapi-original.yml
  type: openapi
workflows:
- workflowId: create-policy-with-rule
  summary: Create a policy, attach a rule, and activate it.
  description: >-
    Creates a policy of the supplied type, creates a rule under it, then
    activates the policy.
  inputs:
    type: object
    required:
    - oktaApiToken
    - policyType
    - policyName
    - ruleName
    properties:
      oktaApiToken:
        type: string
        description: Okta API token used for the SSWS Authorization header.
      policyType:
        type: string
        description: The policy type (e.g. OKTA_SIGN_ON, PASSWORD, ACCESS_POLICY, MFA_ENROLL).
      policyName:
        type: string
        description: The display name of the policy.
      policyDescription:
        type: string
        description: An optional description for the policy.
      ruleName:
        type: string
        description: The display name of the rule to attach to the policy.
  steps:
  - stepId: createPolicy
    description: >-
      Create a policy of the supplied type without activating it yet.
    operationId: createPolicy
    parameters:
    - name: Authorization
      in: header
      value: SSWS $inputs.oktaApiToken
    - name: activate
      in: query
      value: false
    requestBody:
      contentType: application/json
      payload:
        type: $inputs.policyType
        name: $inputs.policyName
        description: $inputs.policyDescription
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      policyId: $response.body#/id
  - stepId: createRule
    description: >-
      Create a rule under the newly created policy to define its behavior.
    operationId: createPolicyRule
    parameters:
    - name: Authorization
      in: header
      value: SSWS $inputs.oktaApiToken
    - name: policyId
      in: path
      value: $steps.createPolicy.outputs.policyId
    requestBody:
      contentType: application/json
      payload:
        name: $inputs.ruleName
    successCriteria:
    - condition: $statusCode == 200
    outputs:
      ruleId: $response.body#/id
  - stepId: activatePolicy
    description: >-
      Activate the policy now that it has a rule, so it begins taking effect.
    operationId: activatePolicy
    parameters:
    - name: Authorization
      in: header
      value: SSWS $inputs.oktaApiToken
    - name: policyId
      in: path
      value: $steps.createPolicy.outputs.policyId
    successCriteria:
    - condition: $statusCode == 204
  outputs:
    policyId: $steps.createPolicy.outputs.policyId
    ruleId: $steps.createRule.outputs.ruleId