The purpose of a SaaS user role workflow is to validate the existence of a given user in a SaaS System and to pull User Role information from your SaaS Systems. The latter allows you to differentiate users by their level of access, and generate downstream automation based on role-specific details, often the price of a seat at that level. To gather this information, Oomnitza allows for individual connections to each service that gathers role information from each user using that system, provided we’ve retrieved details on that system from the SaaS SSO Sync or added that system manually.
Prerequisites
Before you create a SaaS user workflow, you should have already run your extended user integration and selected User plus SaaS User to populate the software entry (such as Salesforce) in the Software > SaaS menu. Alternatively, you can add the software entry manually by following the steps in Adding SaaS software manually.
Creating the SaaS user workflow
- Click Configuration > Workflows
- Click Add (+) and select Software SaaS Users from the list.
- Enter the name of the workflow.
Editing the begin block
The begin block is the workflow’s trigger. In the example below, you create a workflow that retrieves SaaS user information from Salesforce.
- Click Edit.
- Enter the name of the begin block.
- Configure the schedule so that the user information is streamed to Oomnitza when your system is least busy.
- The workflow should run for Active records by default.
- Click Add Rule and add this rule: SaaS name = Salesforce.
- Click Save.
Tip
Learn more about the Begin block
Editing the SaaS User Role block
- Drag and drop the SaaS User Role retrieval block onto the Sandbox, and then click Edit.
- Search for your SaaS integration, such as Salesforce, and click the arrow (>).
- Supply the required information including your Credentials.
- By default, the Deactivate User checkbox is selected. This means that if the users listed in SaaS > [Software name] > Users do not exist in your SaaS application, they will be deactivated once the workflow is run.
Tip
Consult our vendor integration list for information on how to create credentials for your specific integration and add them to Oomnitza.
Connecting the blocks
To complete the workflow, you connect the blocks.
- Link the boxes as shown in the diagram.
- Click Save, Validate, and Activate.
Note
When saving a SaaS User Role block, the system verifies the credentials that have been selected for this block and will attempt a call to the REST API for this system. If this call fails you will receive an error. Most likely the error indicates that your credentials are not properly working but this could also be related to some networking or other issues.
Workflow result
Depending on the schedule that you configured in the Begin block, the SaaS user information, such as the user name, email, last login date, and role or license(s), is streamed to Oomnitza. The information is presented in the Users side pane, in the SaaS > [Software name] tab.
Did you know?
You can add additional features to your workflow. For example, you can add a Notify block to send messages. See Using the Notify block.
Related articles
Comments
0 comments
Please sign in to leave a comment.