You can use the Kandji connector to integrate Kandji device management with Okta Workflows to help automate critical components of the user lifecycle that are prone to friction or manual error.
The first step is to Authorize your Kandji tenant for Okta Workflows.
After you set up a Kandji connection, you can use the following Kandji connector action cards in a Workflow.
For more information about available connector cards, visit the Okta Workflows ReadMe in our support Github Repo.
Action | Description |
|---|---|
Assign Library Item | Given a Library Item ID and a Blueprint ID, assign the Library Item to the Blueprint. To assign a Library Item to an Assignment Map, you must also provide the Assignment Map ID. |
Clear Passcode | Clear the iOS or iPadOS device passcode. |
Create Blueprint | Create a Blueprint. |
Create Note | Create a note in Kandji for the device. |
Create Tag | Create a Tag. |
Custom API Action | Make an authenticated HTTP request to the Kandji API. |
Erase Device | Send Erase Device MDM command. |
Get (Mac) Recovery Lock Password | Given a Device ID, This request returns the Recovery Lock password for a Mac with Apple Silicon, or the legacy EFI firmware password for an Intel-based Mac. |
Get (Mac) Unlock PIN | Get the unlock PIN for a locked Mac. |
Get Activation Lock Bypass Codes | Get the Activation Lock Bypass Code for a Mac. |
Get Blueprint | Get a Blueprint by Blueprint ID or by name. |
Get FileVault Recovery Key | Get the FileVault Recovery Key for a Mac. |
Get ADE Integration | Given an Automated Device Enrollment (ADE) integration token, return information about the integration. |
Get Device | Given a Device ID, get high-level details about the device. |
Get Threats Summary | Return top-level information about the number of threats detected. Return status_code of 404 if EDR is not turned on for the tenant. Return status_code of 401 if the API key does not have permission to read threats. |
List Blueprints | List all Blueprints in the Kandji tenant. |
List ADE Devices in ADE Integration | Given an Automated Device Enrollment (ADE) integration token, return a list of all devices associated with that token, as well as their enrollment status. When the mdm_device key value is null, this indicates that the device is awaiting enrollment into . |
List ADE Integrations | Return a list of configured Automated Device Enrollment (ADE) integrations. |
List Custom Apps | Return a list of all Custom App Library Items. |
List Device Activity | Given a Device ID, list Activity for the device. |
List Device Apps | Given a Device ID, return a list of all apps installed on the device. |
List Device Library Items | Given a Device ID, return a list of all the Library Items for the device and their statuses. |
List Device Notes | Given a Device ID, return a list of all the notes in Kandji for the device. |
List Devices | Return a list of all enrolled devices.... Optional query parameters can be used to filter the results. |
List Library Item Activity | Given a Library Item ID, get a list of Activity for the Library Item. |
List Library Item Statuses | Given a Library Item ID, get the Statuses for the Library Item. |
List Library Items | Given a Blueprint ID, return a list of the Library Items for the Blueprint. |
List Tags | List all tags. |
List Users | Return a list of all users from directory integrations. |
Lock Device | Send Lock Device MDM command. |
Manage Apple Remote Desktop | Use MDM to turn Apple Remote Desktop for a Mac on or off. |
Play Lost Mode Sound | Send the MDM command to an iOS or iPadOS device in Lost Mode to play the Lost Mode sound. |
Reinstall Kandji Agent | Use MDM to reinstall the Kandji Agent on a Mac. |
Remove Library Item | Given a Library Item ID and a Blueprint ID, unassign the Library Item from the Blueprint. To remove a Library Item from an Assignment Map, you must also provide the Assignment Map ID. |
Restart Device | Send Restart MDM command. |
Send MDM Blank Push | Send Blank Push MDM command. |
Set Device Name | Send an MDM command to set the device name. |
Shutdown Device | Send Shutdown MDM command. |
Turn Off Lost Mode | Turn off Managed Lost Mode for an iOS or iPadOS device. |
Turn On Lost Mode | Turn on Managed Lost Mode for a Supervised iOS or iPadOS device. |
Unlock (Local) User Account | Send Unlock Account MDM command. |
Update Lost Mode Location | Send the MDM command to an iOS or iPadOS device in Lost Mode to update the location data. |
Update Device | Given a device, update its assigned Blueprint, user, or asset tag. |
Update Inventory | Send Update Inventory MDM command. |
Update Tag | Given a Tag ID, update the name of the tag. |