Introduction
Use the Secure Code Warrior Okta Workflows connector to leverage Secure Code Warrior courses and assessments data within your flows. For example, you can validate the security competency of developers using an assessment before granting access to sensitive code repositories. For a more detailed use case, please see our blog post.
You can also use the connector to automate user creation and removal from the Secure Code Warrior platform. User management actions will require an Admin API key.
NOTE: This feature is meant to be used only in the Production environment (US & EU) and can't be used in the test environment.
Authorization
Prerequisites
Generate an API key
An API key is required to connect to the Secure Code Warrior Platform API and enable the use of the connector. Secure Code Warrior uses two types of API keys:
- Admin API keys are Read-Write and are required to use the Create User and Delete User action cards
- Reporting API keys are Read-Only and can be used with all remaining action cards
NOTE: Please contact Secure Code Warrior to enable Admin API keys.
To generate a key:
- Log in to Secure Code Warrior with your Company Administrator account.
- Go to Administration.
- Click More > Edit Company.
- Under Report API or Admin API, enter a label (for example, Okta Workflows Reporting Key), and click Generate Key. A dialog will appear that contains your API key.
- Copy the API key to your clipboard.
Set up a connection
When you add a Secure Code Warrior action card to a flow for the first time, you'll be prompted to configure the connection. This will enable you to connect to your Secure Code Warrior organisation, save your API key, and reuse the connection in new flows that include Secure Code Warrior action cards. To do this, please follow the following steps:
- If you have not already done so, open the Okta Workflows console from the Okta Admin Dashboard.
- From the Connections page or any Secure Code Warrior action card, click New Connection.
- Provide a Connection Nickname. This is useful if you plan to create multiple connections to share with your team.
- Paste your API key under
- Select your Instance Region
- Click Create.
Action Cards
Check Assessment Completion For User
Check whether a user has passed the specified assessment. Note that this can only be used for assessments with a minimum pass score set.
Options
No options
Inputs
Field | Description | Type | Required |
Assessment ID | The unique identifier of the assessment to to check completion for. | String | True |
User Email | The email address of the user to check completion for. | String | True |
Outputs
Field | Description | Type |
Assessment Completed |
A boolean value (true/false) indicating whether the user has passed the specified assessment. |
True/False |
Check Course Completion For User
Check whether a user has completed the specified course.
Options
No options
Inputs
Field | Description | Type | Required |
Course ID | The unique identifier of the course to check completion for. | String | True |
User Email | The email address of the user to check completion for. | String | True |
Outputs
Field | Description | Type |
Course Completed |
A boolean value (true/false) indicating whether the user has completed the specified course. |
True/False |
List Assessment Attempts For User
Get a list of attempts of a user for a specified assessment. A maximum of 100 records will be returned.
Options
Field | Description | Type | Required |
Show only passed attempts |
Filter assessment attempts to only those where the user has exceeded the minimum pass score. Allowed values are Yes and No. |
Dropdown | True |
Inputs
Field | Description | Type | Required |
Assessment ID | The unique identifier of the assessment to retrieve attempts for. | String | True |
User Email | The email address of the user to retrieve attempts for. | String | True |
Outputs
Field | Description | Type |
Assessment Attempts | The list of attempts of the user for the specified assessment. Please refer to the API documentation for the structure of the list objects. A maximum of 100 records will be returned. | List (Object) |
List Course Enrollments For User
Get a list of enrollments of a user for a specified course. A maximum of 100 records will be returned.
Options
Field | Description | Type | Required |
Show only passed course enrolments |
Filter course enrolments to only those where the user has completed the course. Allowed values are Yes and No. |
Dropdown | True |
Inputs
Field | Description | Type | Required |
Course ID | The unique identifier of the course to retrieve enrolments for. | String | True |
User Email | The email address of the user to retrieve course enrolments for. | String | True |
Outputs
Field | Description | Type |
Course Enrollments |
The list of enrolments of the user for the specified course. Please refer to the API documentation for the structure of the list objects. A maximum of 100 records will be returned. |
List (Object) |
Create User
Admin API key required. Add a new user to the Secure Code Warrior platform.
Options
Field | Description | Type | Required |
Send Invite Emails |
Send invitation and reminder emails for created users. Allowed values are Yes and No. |
Dropdown | True |
Inputs
Field | Description | Type | Required |
User Email | The email address of the user. | String | True |
User Role | The role of the user. Allowed values are Company Administrator, Team Manager and Developer. | Dropdown | True |
Team | The name of an existing team to add the user to. This field is ignored if the Company Administrator role is selected, and is required for the Team Manager and Developer roles. | String | False |
Tags | A list of tags to apply to the user. | List of Strings | False |
Outputs
Field | Description | Type |
Status Code | Result of the operation. The HTTP status code is returned by the connector and indicates whether the action taken by the card succeeded or failed. For example:
For detailed information about the status codes returned, please refer to the API documentation. |
Number |
Detailed Error Code |
When available, an additional error code will be returned on top of the HTTP status code that will provide more detailed information about what went wrong. For detailed information about the detailed error codes returned, please refer to the API documentation. |
Number |
Detailed Error Message |
When available, an additional error message will be returned with more detailed information about what went wrong. For detailed information about the detailed error messages returned, please refer to the API documentation. |
String |
Delete User
Admin API key required. Completely remove a user from the Secure Code Warrior platform. This operation is permanent and cannot be undone.
Options
No options
Inputs
Field | Description | Type | Required |
User Email | The email address of the user to delete. | String | True |
Outputs
Field | Description | Type |
Status Code | Result of the operation. The HTTP status code is returned by the connector and indicates whether the action taken by the card succeeded or failed. For example:
For detailed information about the status codes returned, please refer to the API documentation. |
Number |
Disable User
Admin API key required. Disable a user so that they will no longer be able to access the Secure Code Warrior platform.
Options
No options
Inputs
Field | Description | Type | Required |
User Email | The email address of the user to delete. | String | True |
Outputs
Field | Description | Type |
Status Code | Result of the operation. The HTTP status code is returned by the connector and indicates whether the action taken by the card succeeded or failed. For example:
For detailed information about the status codes returned, please refer to the API documentation for Get User and Update User. |
Number |
Error Message |
When available in the case of an error, an error message will be returned with information about what went wrong. For detailed information about the detailed error messages returned, please refer to the API documentation for Get User and Update User. |
Custom API Action
Use the Custom API Action to make an authenticated custom API request to the Secure Code Warrior REST API.
Options
Field | Description | Type | Required |
Request Type |
The HTTP request type to be used for the API call. Allowed values are GET and POST. |
Dropdown | True |
Inputs
Field | Description | Type | Required |
Relative URL |
The Address on the web server you are attempting to interact with. The URL is relative, meaning you do not need to specify the protocol, host or API version path (e.g. https://portal-api.securecodewarrior.com/api/v2). The provided value should begin with a "/". |
String | True |
Headers | A JSON object that represents any custom headers to be included in the custom API call. | Object | True |
Query | A JSON object that represents any query parameters to be included in the custom API call. | Object | True |
Body | A JSON object that represents the HTTP request body to be included in the custom API call. | Object | True |
Outputs
Field | Description | Type |
status_code |
The HTTP response status code indicating the success or failure of your API call. Please see this list for more information on possible status codes. |
Number |
headers |
A JSON object that represents the HTTP headers in the API call response. |
Object |
body |
The data returned from your custom API request. The structure will vary depending on the API endpoint called. Please refer to the Secure Code Warrior Platform API documentation for more information. |
Object |
Comments
0 comments
Article is closed for comments.