Unable to trigger workflow from external source (Postman)

smajumdar · March 12, 2025, 8:36pm

Which IIQ version are you inquiring about?

8.3

Please share any images or screenshots, if relevant.

Share all details about your problem, including any error messages you may have received.

I am trying to trigger a workflow, and I am able to authenticate using a generated bearer token, but I end up getting the same message: “Workflow was not executed externally. Check enabled flag on workflow definition”

I have tried modifying the json file, adding in “enabled”: “true” <k,v> parameters under “definition” as well as in line with “definition” property. I couldn’t find any further help on google search. Still going through SailPoint community forum to find one, but if anybody can help, that would be great. Thank you.

pravin_ranjan · March 12, 2025, 9:14pm

@smajumdar can u share the postman call with url ?

you will get more details here : launch-workflow | SailPoint Developer Community

smajumdar · March 13, 2025, 1:54pm

I don’t have SailPoint installed on my local machine. I am accessing on SailPoint web following the instructions on the trigger description:

POST call
url: https://[tenant].api.identitynow.com/beta/workflows/execute/external/:workflow_id

I am able to generate token and authenticate from the provided client id and secret in the trigger description page and postman returns a 200 on making the call, but somehow I get that same message. I tried creating a simple workflow to check if it executes, but it didn’t work either.

pravin_ranjan · March 13, 2025, 2:21pm

Your post URL is for identityNow, you have to change for identityiq

http://localhost:8080/identityiq/scim/v2/LaunchedWorkflows

here is doc for identityIQ:

launch-workflow | SailPoint Developer Community

smajumdar · March 13, 2025, 2:30pm

This is the reference link I used: post-external-execute-workflow | SailPoint Developer Community

pravin_ranjan · March 13, 2025, 3:05pm

This endpoint allows a service outside of IdentityNow to initiate a workflow that uses the “External Trigger” step. The external service will invoke this endpoint with the input data it wants to send to the workflow in the body.

if you need to make a call in identityiq then use sailpoint api calls not identitynow.

smajumdar · March 13, 2025, 3:27pm

That is what I want to do. I am new to SailPoint. I want to see if I can trigger the workflow from a web app, for that I am trying to trigger it via postman to check if it works (I am sending an empty body expecting it to trigger the workflow and fail). Could you advice on what should be the proper method for this? Or if the external service should be some specific service?

pravin_ranjan · March 13, 2025, 3:52pm

Try this way if you are using postman:

1. API Endpoint

POST http://<your-identityiq-server>/identityiq/scim/v2/LaunchedWorkflows

Make sure to replace <your-identityiq-server> with your actual SailPoint server URL.

2. Headers

In Postman, under the Headers tab, add:

Key	Value
Content-Type	application/scim+json
Authorization	Bearer <your_access_token>

Ensure you replace <your_access_token> with the actual API token or authentication details.

3. JSON Request Body (Example)

Under the Body tab, select raw and use JSON format.

Here’s an example JSON payload:

json

{
  "workflowName": "ExampleWorkflow",
  "input": [
    {
      "key": "identityName",
      "value": "john.doe"
    },
    {
      "key": "approvalRequired",
      "value": "true"
    }
  ]
}

"workflowName" → Replace "ExampleWorkflow" with the actual workflow name.
"identityName" → Replace "john.doe" with the identity you want to process.
"approvalRequired" → Example of a boolean input (replace based on your workflow needs).

4. Expected API Responses

Success (201 Created)

json

{
  "id": "12345",
  "status": "PENDING",
  "message": "Workflow started successfully"
}

This means the workflow was launched successfully.

Client Error (400 Bad Request)

json

{
  "error": "Missing required input: identityName"
}

This means the API expects an input value you didn’t provide.

Unauthorized (401 Unauthorized)

json

{
  "error": "Invalid authentication credentials"
}

This means your API token or authentication method is incorrect.

Server Error (500 Internal Server Error)

json

{
  "error": "Workflow execution failed due to unexpected error"
}

This might indicate a configuration or system issue.

5. Testing an Empty Body

If you want to test failure scenarios by sending an empty body, just remove the JSON payload and send the request.

You should get an error like:

json

{
  "error": "Missing workflowName"
}

This confirms that the API expects required inputs.

MuhammadMustafa · March 28, 2025, 11:28am

Hi @smajumdar
Welcome to the SailPoint Community! I hope you were able to resolve the issue and that @pravin_ranjan solution worked for you.
If it did, please consider marking it as the accepted solution — it helps others in the community too.

If not, we’re happy to assist further until everything’s working as expected and achieving your goal.

Have a great day ahead!

Regards,
Muhammad

smajumdar · March 31, 2025, 6:03pm

Hi Muhammad,

Thank you for the message. I apologize as I was posting in the wrong forum. I was able to figure out that I was posting on IIQ discussion instead of ISC, and I was able to get my issue resolved in ISC. Since this topic wasn’t meant to be in IdentityIQ, please advise on how to move forward.

Regards.

MuhammadMustafa · April 5, 2025, 3:48pm

Hi @smajumdar glad to hear that you figured it out :).

TBH I don’t know how you can move/edit the post to be in ISC forums or so but we can mention @codey, @colin_mckibben, or @christina_gagnon to advise and give a hand here.

Regards,
Muhammad

codey · April 5, 2025, 3:48pm

Hi! To find out what I can do, say @codey display help.

christina_gagnon · April 7, 2025, 2:53pm

This topic has been moved to Identity Security Cloud (ISC) > ISC Discussion and Questions