Check app ownership (Workato Recipe)

Verify ownership of apps during employee off-boarding

During employee off-boarding, it is important to check whether the user owns any apps. If they do, you must ensure a smooth handover of administrative responsibilities.

This guide documents a custom action that triggers a Workato recipe that makes multiple API calls to Torii and determines which apps the user owns.

Step 1: Configuring the Custom Action

Method : POST

URL : https://<path_to_your_webhook>

Query Parameters

ParameterVariable Mapping




     "first_name": "[Trigger.User.First-name]", 
     "last_name": "[Trigger.User.Last-name]",
     "email_address": "[Trigger.User.Email]",
     "department": "[Trigger.User.Details.Okta-Department]",
     "cost_center": "[Trigger.User.Details.Okta-Cost-Center]",
     "job_title": "[Trigger.User.Details.Okta-Title]",
     "employee_manager":  "[Trigger.User.Details.Okta-User-Manager.Email]",
     "employee_manager_name" :  "[Trigger.User.First-name] [Trigger.User.Last-name]"



This example uses attributes from Okta as the source of truth. Select attributes for email_address, department, cost_center, job_title, and employee_manager from your configured source of truth.

Step 2: Create a Workato Recipe using a webhook trigger

  1. Create the recipe from your Workato console.
  1. Set up the recipe so it starts with a trigger from a webhook.

Step 3: Add connections to your recipe

  1. Add a connection to the Torii Public API.
  1. Add a Slack connection to your recipe. In this example, this process will send you a Slack message with a list of apps that the employee owns.

Step 4: Set up variables to store data

  1. Set up variables to store data returned in responses for API requests. Create a list to store a list of items with a minimum of 1 field which stores the name of the app. Add other fields as required, e.g. app id, url, etc.



Your use case may require additional variables or storing more attributes for a particular request.

  1. Create a variable with the string data type. This will store the static message text for the Slack message that will be the same for every user.
  1. Create a variable with the string data type. This will write out a bulleted list of all apps that the user owns.

Step 5: Get user details using their email address

  1. Set up a GET request to the /users endpoint.



The Get Users filtered by attribute request is documented in the API Explorer.

Step 6: Get user's applications using the user's unique ID

  1. Set up a GET request to the /users/{idUser}/apps endpoint using the unique ID of the user from the get user by email request.



The Get user's applications request is documented in the API Explorer.

Step 7: Set up a loop to iterate through data for each returned application

  1. Create a for each loop for each item returned from the list user's applications request. Use the array of apps returned in the previous step as the input list.

Step 8: Get details for each app using the unique app account id

  1. Set up a GET request to /apps/{idApp} using the app account ID returned from the request to return the user's applications as the value for {idApp}.



The Get App's Details request is documented in the API Explorer.

Step 9: Compare the unique ID of the user to the unique ID of the owner for each app in the array

  1. Set up an IF logic operator to compare the user's unique ID, which we retrieved with the API call in Step 5, to each app owner's unique ID. The app owner's unique ID is retrieved from the API call in Step 8. If the unique ID from Step 5 is equal to the unique ID in Step 6, the user is the owner of the app.

Step 10: Add items to list of owned apps and Slack message text

  1. Add the name of the app as an item to the Owned Apps List created in Step 4. The schema for this step and the way you map the data will depend on the schema of the list from Step 4.
  1. Update the slack_message_bullets variable we created in Step: 4.3. This will insert an updated version of the list, which increments with a new item on each loop run.

Step 11: Configure Slack message for a list of owned apps

  1. Send a message directly to a user in Slack or post it to a Slack channel by combining the slack_message_text and slack_message_bullets variables. This can be edited based on your requirements.

Step 12: Configure workflow in Torii with trigger and custom action

  1. Create a workflow in Torii and define the criteria for which you want to trigger this recipe to check app owners. The example below defines a trigger that will fire when an employee is detected to be leaving in less than 14 days. This can be customized to your requirements.
  1. Add a Custom Action to the workflow. This action should send a JSON payload that matches what the recipe expects to receive through the webhook trigger.

Step 13: Test your Torii workflow and Workato recipe

  1. Run the workflow using the button on the top right of the view.
  1. Select a user when the Run Workflow Actions dialog pops up, then click Run Now
  1. Check your Workflow logs by clicking View Logs to ensure the custom action has fired successfully.

Step 14: Check your Slack Channel

  1. Check Slack to see that your message was sent.



You just created a custom action to verify ownership of apps during employee off-boarding. You can use the approach in this guide to come up with recipes to tackle more complex use cases using the combined power of the Torii and Workato platforms.