Skip to main content

IAM - Group Membership Update

This Playbook is part of the IAM Pack.#

Updates user permissions in apps according to their group memberships in Okta.


This playbook uses the following sub-playbooks, integrations, and scripts.


This playbook does not use any sub-playbooks.


This playbook does not use any integrations.


  • Set
  • PrintErrorEntry
  • DeleteContext
  • AssignAnalystToIncident


  • okta-get-app-user-assignment
  • findIndicators
  • iam-update-user

Playbook Inputs#

NameDescriptionDefault ValueRequired
UserRoleToAssignForFailuresThe Cortex XSOAR role from which to assign users to the incident when a CRUD operation fails. This can be left empty to assign users from all roles.Optional
UserAssignmentMethodDetermines the way in which user assignments will be decided in Cortex XSOAR for the failed incidents.
Can be one of the following: "random", "machine-learning", "top-user", "less-busy-user", "online", "current".
If left empty, users will be assigned randomly.
AssignOnlyOnCallDetermines whether to assign only users that are currently on a shift to failed incidents. Set to "true" to assign only users that are currently working, or set to "false" or leave empty to assign any user.Optional
AdminEmailThe email address of the admin that approves group membership changes.Optional

Playbook Outputs#

There are no outputs for this playbook.

Playbook Image#

Setup Account