Our service desk tracks the number of calls that it receives from users who need their passwords reset. We are getting ready to roll out documentation to our users on how they can reset their passwords themselves with IDN. Because all tracking is done through our ticketing system I want IDN to send an email to a fixed address when a user resets their own password as a way of directly showing that IDN is taking a load off of the service desk.
One option was to have a simple query that gives me the people who do this each day, and I see that I can create a workflow based on when this query runs, but I do not see how I could get the workflow to parse the report and create individual emails for each event.
The ideal option would be to trigger the workflow when the password reset event happens, but I just donât see how.
Looking at the Admin â Dashboard thereâs a âPassword Resetsâ section on here. Clicking the âView Allâ opens up Search with the following query:
technicalName:PASSWORD_ACTION_CHANGE_PASSED AND created:[now-7d/d TO now]
This could be built into an API call (Postman, Curl, or other) using the search API to simply return the number if thatâs all youâre looking for.
Understood. I was trying to avoid having a process outside of IDN and have it be more realtime, but if there is no trigger for this, then it doesnât seem feasible to do it entirely within IDN.
For example; you could setup a schedule search using the search query mentioned by Ed with a timeframe of last hr.
Get the scheduled search id via API and in Workflows build the trigger (scheduled search trigger) using the id. You can then use a condition to check if the 1) thereâs any events returned for the last hour, if so 2) verify if the user(s) that took the action matches the usersâ pwd being reset, if true, send an email to your designated email, with the details of the user and timestamp, else end the flow.
Assuming not too many pwd resets occur during the hour interval, it could resemble a per pwd reset event trigger. What do you think?
I have tried the scheduled search trigger and I can verify that âmyâ query executed, but the part that I do not understand is how do I parse out the individuals that were on the report?
Have a look at this thread it might be helpful, Unfortunetly I am still learning the ins-out of the workflows to provide you with any further insights:
From the thread above, it looks like using the loop and Get Identity card you can send an email for to each user using the**{{$.loop.loopInput.context.getListOfIdentities.identities[*].name}}**
I would avoid using the scheduled search trigger since it only shows a preview of the first 20 records. You may very well have more users doing a password reset than 20. Instead, I would setup a âScheduled Triggerâ to run at a set interval (ex. every hour), and have the workflow invoke an HTTP Request to the search API. The search request will use the query that @edmarks provided above:
As for an example of how to setup this workflow, check out the first 20 minutes from this livestream that I recorded.
The use case I cover in the video is for new user onboarding, but it can easily be adapted to search for identities that do a password reset instead. Youâll want to grab the templates from here.