November is full of security and management capabilities as we push to make it easier to manage and govern across various parts of the platform.
Easier management and increased security for On-Prem Agent (OPA)
Cloud Profiles for OPA
OPA is the way Workato access data to your on-prem systems. A single Workato OPA can connect to multiple on-prem applications. However, managing OPA requires editing a local config file. A cloud profile is a new way of setting a connection for OPA directly in Workato. Connecting an agent to new resources is now much easier and doesn’t require direct access to the machine where the agent runs. This allows for a more centralized management of OPA agents and less time digging around for config files on various machines running the OPA.
On-Prem Agent IP Allow List
While each Workato data center has their own IPs to use for outbound allow lists, there is a need to restrict inbound requests to Workato for OPA usage. This is where On-Prem Agent allow lists helps solve for this. Admins can easily add an IP allow list at the group level to restrict agents in the group. These additional IP restrictions will help organizations increase their security by decreasing their network attack surface.
On-Prem Agent (OPA) release 2.15 release and management updates
The 2.15 release adds Cloud Profiles support that allows setting up on-prem connections directly in workato rather than messing with local configuration files. Take a look the full release notes and other enhancements in the 2.15 release.
Collaborator roles sync enhancement for SAML SSO
Your identity manager is the source of user truth so why should you have to recreate roles in Workato? With this SAML SSO enhancement, managing roles just got easier. You can now manage the roles of your collaborators within your identity provider directly that was used to configure SAML SSO. This allows you to govern roles you already use without having to duplicate in Workato, allowing for a more efficient way of managing role changes across different workspaces such as in employee onboarding or off-boarding use cases.
What this means:
Admins no longer need to manage collaborator roles manually on the Workato platform
Users are able to provision / de-provision environment specific access to your collaborators from their identity provider via custom / system roles.
Workato roles are automatically synced and updated from user profile data on your organization’s identity provider each time a user signs into Workato via SAML SSO
Read more on SAML SSO roles sync.
AWS Secrets Project Level Management
AWS Secrets Manager is a great way to centralize the way you store and use secrets. Not only does this keep passwords to important systems out of your users and Workato’s hands, but give you a more centralized way of revoking access when needed. The IAM roles were assigned at the Workspace level. Some admins may want to have more granular control at the Project level which is now possible.
Project level Secrets Manager settings are now available so that connections in the projects can assume the role specified in the project settings. This way you can create project specific IAM roles to limit the use of secrets to connections within the project. By providing IAM roles at the project level, this gives admins more control on who has what or can further refine permissions needed for a given system. As an example, the Marketing Ops team has a few projects. One project may need read/write access to snowflake as part of their automation, but another project and set of users may only need read access though they are all part of the Marketing Ops workspace.
Read more on AWS secrets manager for project level access
Granular Permissions for Environment Properties
Governance and security is at the core of Workato. As part of an effort to provide more granular permissions across the platform, properties are now called “Environment properties” as they are global properties on an environment level. Environment properties are a great way to set commonly used properties such as a sender email address, or URL for an application that can be used across Recipes. However, while it’s great for everyone to use these common properties, you don’t want everyone mucking around and changing them. With the addition to new permissions levels like View, Edit, Create and Delete, admins can now govern who can use what with the right permissions.
Connector Highlights: New Oracle Fusion Cloud & Excel enhancements
Oracle Fusion Cloud
The Oracle Fusion Cloud is a new platform connector that allows automating Oracle Fusion Cloud modules such as Financials, SCM, CRM and HCM. By supporting objects across these modules that includes CRUD and extensive search support, batch and object triggers. This is huge for all Oracle Fusion users that need to automate processes around HR, Sales & Marketing and Finance.
Check out the Oracle Fusion Cloud connector documentation to learn more.
Getting data out of Excel has always been easy, but what about adding or updating? Excel docs are still, and will likely be a system of record for quite some time. With the new Excel actions such as Add rows or Add Bulk rows, Update row and Search rows, users can create automations that add rows to easily append records in an Excel doc or simply update a given row. This is useful when Excel is not just a one time simple datasource to read information from, but to help keep the Excel docs alive and up-to-date. Think about a simple example of having a price list in an Excel doc and when a sales manager adds a new product or updates a price in Excel, you want that change to flow down into your quoting and invoicing tools. New triggers, that are are also available, can respond when a new row is added or updated allowing for recipes to respond to Excel change and update downstream systems.
Read MoreWorkato Product Hub