diff --git a/docs.json b/docs.json
index f67dece..2145281 100644
--- a/docs.json
+++ b/docs.json
@@ -65,7 +65,6 @@
"pages": [
"product/how-to/review-tasks",
"product/how-to/create-requests",
- "product/how-to/request-actions",
"product/how-to/access-change-tasks"
]
},
@@ -138,6 +137,8 @@
"group": "Automations",
"pages": [
"product/admin/automations",
+ "product/admin/automations-triggers-reference",
+ "product/admin/automations-steps-reference",
"product/admin/automation-actions"
]
},
@@ -154,7 +155,6 @@
"product/admin/directory",
"product/admin/attributes",
"product/admin/profile-types",
- "product/admin/groups",
"product/admin/user-roles",
"product/admin/delegate"
]
@@ -165,16 +165,10 @@
"product/admin/policies",
"product/admin/vaults",
"product/admin/system-log",
- {
- "group": "Integrations",
- "pages": [
- "product/admin/webhooks",
- "product/admin/service-desk",
- "product/admin/external-ticketing",
- "product/admin/external-datasources",
- "product/admin/step-up-auth"
- ]
- },
+ "product/admin/service-desk",
+ "product/admin/external-ticketing",
+ "product/admin/external-datasources",
+ "product/admin/webhooks",
{
"group": "Tenant configuration",
"pages": [
@@ -194,9 +188,7 @@
"pages": [
"product/admin/expressions",
"product/admin/expressions-reference",
- "product/admin/expressions-examples",
- "product/admin/expressions-workflows",
- "product/admin/expressions-troubleshooting"
+ "product/admin/expressions-examples"
]
},
{
@@ -225,36 +217,33 @@
]
},
{
- "group": "Manage connectors",
+ "group": "Build connectors",
"pages": [
- "baton/configure",
- "baton/manage-connector"
+ "baton/custom",
+ "baton/baton-scim",
+ "baton/baton-sql"
]
},
{
- "group": "Deploy connectors",
+ "group": "Configure connectors",
"pages": [
- "baton/deploy",
- "baton/health-checks"
+ "baton/configure"
]
},
{
- "group": "Upload connector data",
+ "group": "Deploy connectors",
"pages": [
- "baton/file-connectors"
+ "baton/deploy"
]
},
{
- "group": "Configurable connectors",
+ "group": "Upload connector data",
"pages": [
- "developer/http-authoring",
- "baton/baton-sql",
- "baton/baton-scim",
- "developer/cel-expressions"
+ "baton/file-connectors"
]
},
{
- "group": "Pre-built connectors",
+ "group": "Connector library",
"pages": [
"baton/1password",
"baton/sevenshifts",
@@ -283,6 +272,7 @@
"baton/blackline",
"baton/box",
"baton/broadcom-sac",
+ "baton/buildkite",
"baton/calendly",
"baton/celigo",
"baton/duo",
@@ -375,7 +365,6 @@
"baton/okta-aws-federation",
"baton/okta-ciam-workforce",
"baton/onelogin-v2",
- "baton/openai",
"baton/opensearch",
"baton/oracle-cloud-infrastructure",
"baton/oracle-field-service",
@@ -383,8 +372,6 @@
"baton/oracle-idcs",
"baton/outreach",
"baton/pagerduty",
- "baton/palo-alto-cortex",
- "baton/xsoar",
"baton/panda-doc",
"baton/panther",
"baton/paylocity",
@@ -442,6 +429,7 @@
"baton/workday",
"baton/workday-wql",
"baton/xero",
+ "baton/xsoar",
"baton/youtrack",
"baton/zendesk-v2",
"baton/ziphq",
@@ -457,67 +445,10 @@
"tab": "Developer",
"icon": "code",
"pages": [
- {
- "group": "Build a connector",
- "pages": [
- "developer/intro",
- "developer/concepts",
- "developer/syncing",
- "developer/pagination",
- "developer/provisioning",
- {
- "group": "Cookbook",
- "pages": [
- "developer/recipes-auth",
- "developer/recipes-modeling",
- "developer/recipes-id",
- "developer/recipes-testing",
- "developer/recipes-caching"
- ]
- },
- {
- "group": "Troubleshooting",
- "pages": [
- "developer/debugging",
- "developer/error-codes"
- ]
- },
- {
- "group": "Reference",
- "pages": [
- "developer/baton-sdk",
- "developer/config-schema",
- "developer/c1-api",
- "developer/glossary"
- ]
- }
- ]
- },
- {
- "group": "Publish your connector",
- "pages": [
- "developer/submit",
- "developer/community"
- ]
- },
- {
- "group": "C1 developer tools",
- "pages": [
- "developer/sdk",
- "developer/postman",
- "developer/terraform",
- {
- "group": "CEL expressions",
- "pages": [
- "product/admin/expressions",
- "product/admin/expressions-reference",
- "product/admin/expressions-examples",
- "product/admin/expressions-workflows",
- "product/admin/expressions-troubleshooting"
- ]
- }
- ]
- }
+ "developer/intro",
+ "developer/sdk",
+ "developer/postman",
+ "developer/terraform"
]
},
{
@@ -534,14 +465,523 @@
},
{
"group": "Endpoints",
- "openapi": "https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples"
+ "pages": [
+ {
+ "group": "Access Review",
+ "pages": [
+ "conductorone-api/access-review/create",
+ "conductorone-api/access-review/get",
+ "conductorone-api/access-review/update",
+ "conductorone-api/access-review/delete",
+ "conductorone-api/access-review/list"
+ ]
+ },
+ {
+ "group": "Access Review Template",
+ "pages": [
+ "conductorone-api/access-review-template/create",
+ "conductorone-api/access-review-template/get",
+ "conductorone-api/access-review-template/update",
+ "conductorone-api/access-review-template/delete"
+ ]
+ },
+ {
+ "group": "Access Conflict",
+ "pages": [
+ "conductorone-api/access-conflict/create-monitor",
+ "conductorone-api/access-conflict/get-monitor",
+ "conductorone-api/access-conflict/update-monitor",
+ "conductorone-api/access-conflict/delete-monitor"
+ ]
+ },
+ {
+ "group": "App Entitlement Monitor Binding",
+ "pages": [
+ "conductorone-api/app-entitlement-monitor-binding/create-app-entitlement-monitor-binding",
+ "conductorone-api/app-entitlement-monitor-binding/delete-app-entitlement-monitor-binding",
+ "conductorone-api/app-entitlement-monitor-binding/get-app-entitlement-monitor-binding"
+ ]
+ },
+ {
+ "group": "App",
+ "pages": [
+ "conductorone-api/app/list",
+ "conductorone-api/app/create",
+ "conductorone-api/app/get",
+ "conductorone-api/app/update",
+ "conductorone-api/app/delete",
+ "conductorone-api/app/search"
+ ]
+ },
+ {
+ "group": "Connector",
+ "pages": [
+ "conductorone-api/connector/rotate-credential",
+ "conductorone-api/connector/validate-http-connector-config",
+ "conductorone-api/connector/list",
+ "conductorone-api/connector/create-delegated",
+ "conductorone-api/connector/create",
+ "conductorone-api/connector/confirm-sync-valid",
+ "conductorone-api/connector/get-credentials",
+ "conductorone-api/connector/revoke-credential",
+ "conductorone-api/connector/force-sync",
+ "conductorone-api/connector/pause-sync",
+ "conductorone-api/connector/resume-sync",
+ "conductorone-api/connector/get-connector-sync-download-url",
+ "conductorone-api/connector/get",
+ "conductorone-api/connector/update",
+ "conductorone-api/connector/delete",
+ "conductorone-api/connector/update-delegated"
+ ]
+ },
+ {
+ "group": "AppAccessRequestDefaults",
+ "pages": [
+ "conductorone-api/appaccessrequestdefaults/get-app-access-requests-defaults",
+ "conductorone-api/appaccessrequestdefaults/create-app-access-requests-defaults",
+ "conductorone-api/appaccessrequestdefaults/cancel-app-access-requests-defaults"
+ ]
+ },
+ {
+ "group": "AppUsers",
+ "pages": [
+ "conductorone-api/appusers/list",
+ "conductorone-api/appusers/list-app-user-credentials",
+ "conductorone-api/appusers/list-app-users-for-user",
+ "conductorone-api/appusers/update",
+ "conductorone-api/appusers/search"
+ ]
+ },
+ {
+ "group": "App Entitlement",
+ "pages": [
+ "conductorone-api/app-entitlement/list",
+ "conductorone-api/app-entitlement/create",
+ "conductorone-api/app-entitlement/list-for-app-resource",
+ "conductorone-api/app-entitlement/list-for-app-user",
+ "conductorone-api/app-entitlement/add-manually-managed-members",
+ "conductorone-api/app-entitlement/search-app-entitlements-with-expired",
+ "conductorone-api/app-entitlement/remove-entitlement-membership",
+ "conductorone-api/app-entitlement/list-users",
+ "conductorone-api/app-entitlement/get",
+ "conductorone-api/app-entitlement/update",
+ "conductorone-api/app-entitlement/delete",
+ "conductorone-api/app-entitlement/search-app-entitlements-for-app-user",
+ "conductorone-api/app-entitlement/search",
+ "conductorone-api/app-entitlement/search-grants"
+ ]
+ },
+ {
+ "group": "App Entitlement Automation",
+ "pages": [
+ "conductorone-api/app-entitlement-automation/get-automation",
+ "conductorone-api/app-entitlement-automation/delete-automation",
+ "conductorone-api/app-entitlement-automation/create-automation",
+ "conductorone-api/app-entitlement-automation/update-automation"
+ ]
+ },
+ {
+ "group": "App Entitlement Automation Exclusion",
+ "pages": [
+ "conductorone-api/app-entitlement-automation-exclusion/list-automation-exclusions",
+ "conductorone-api/app-entitlement-automation-exclusion/add-automation-exclusion",
+ "conductorone-api/app-entitlement-automation-exclusion/remove-automation-exclusion"
+ ]
+ },
+ {
+ "group": "App Entitlement User Binding",
+ "pages": [
+ "conductorone-api/app-entitlement-user-binding/remove-grant-duration",
+ "conductorone-api/app-entitlement-user-binding/update-grant-duration",
+ "conductorone-api/app-entitlement-user-binding/list-app-users-for-identity-with-grant"
+ ]
+ },
+ {
+ "group": "App Entitlement Owner",
+ "pages": [
+ "conductorone-api/app-entitlement-owner/list-owner-i-ds",
+ "conductorone-api/app-entitlement-owner/list",
+ "conductorone-api/app-entitlement-owner/set",
+ "conductorone-api/app-entitlement-owner/add",
+ "conductorone-api/app-entitlement-owner/delete",
+ "conductorone-api/app-entitlement-owner/remove"
+ ]
+ },
+ {
+ "group": "App Owner",
+ "pages": [
+ "conductorone-api/app-owner/list-owner-i-ds",
+ "conductorone-api/app-owner/list",
+ "conductorone-api/app-owner/set",
+ "conductorone-api/app-owner/delete",
+ "conductorone-api/app-owner/add",
+ "conductorone-api/app-owner/remove"
+ ]
+ },
+ {
+ "group": "App Reports",
+ "pages": [
+ "conductorone-api/app-reports/list",
+ "conductorone-api/app-reports/generate-report"
+ ]
+ },
+ {
+ "group": "App Resource Type",
+ "pages": [
+ "conductorone-api/app-resource-type/list",
+ "conductorone-api/app-resource-type/create-manually-managed-resource-type",
+ "conductorone-api/app-resource-type/get",
+ "conductorone-api/app-resource-type/update-manually-managed-resource-type",
+ "conductorone-api/app-resource-type/delete-manually-managed-resource-type"
+ ]
+ },
+ {
+ "group": "App Resource",
+ "pages": [
+ "conductorone-api/app-resource/list",
+ "conductorone-api/app-resource/create-manually-managed-app-resource",
+ "conductorone-api/app-resource/get",
+ "conductorone-api/app-resource/update",
+ "conductorone-api/app-resource/delete-manually-managed-app-resource",
+ "conductorone-api/app-resource/search-app-resource-types",
+ "conductorone-api/app-resource/search-app-resources"
+ ]
+ },
+ {
+ "group": "App Resource Owner",
+ "pages": [
+ "conductorone-api/app-resource-owner/list-owner-i-ds",
+ "conductorone-api/app-resource-owner/delete",
+ "conductorone-api/app-resource-owner/list",
+ "conductorone-api/app-resource-owner/set",
+ "conductorone-api/app-resource-owner/add",
+ "conductorone-api/app-resource-owner/remove"
+ ]
+ },
+ {
+ "group": "App Usage Controls",
+ "pages": [
+ "conductorone-api/app-usage-controls/get",
+ "conductorone-api/app-usage-controls/update"
+ ]
+ },
+ {
+ "group": "App Entitlement Proxy Binding",
+ "pages": [
+ "conductorone-api/app-entitlement-proxy-binding/get",
+ "conductorone-api/app-entitlement-proxy-binding/create",
+ "conductorone-api/app-entitlement-proxy-binding/delete"
+ ]
+ },
+ {
+ "group": "Attribute",
+ "pages": [
+ "conductorone-api/attribute/delete-attribute-value",
+ "conductorone-api/attribute/create-attribute-value",
+ "conductorone-api/attribute/list-attribute-types",
+ "conductorone-api/attribute/list-attribute-values",
+ "conductorone-api/attribute/get-attribute-value",
+ "conductorone-api/attribute/search-attribute-values"
+ ]
+ },
+ {
+ "group": "Compliance Framework",
+ "pages": [
+ "conductorone-api/compliance-framework/list-compliance-frameworks",
+ "conductorone-api/compliance-framework/create-compliance-framework-attribute-value",
+ "conductorone-api/compliance-framework/get-compliance-framework-attribute-value",
+ "conductorone-api/compliance-framework/delete-compliance-framework-attribute-value"
+ ]
+ },
+ {
+ "group": "Risk Level",
+ "pages": [
+ "conductorone-api/risk-level/list-risk-levels",
+ "conductorone-api/risk-level/create-risk-level-attribute-value",
+ "conductorone-api/risk-level/get-risk-level-attribute-value",
+ "conductorone-api/risk-level/delete-risk-level-attribute-value"
+ ]
+ },
+ {
+ "group": "Auth",
+ "pages": [
+ "conductorone-api/auth/introspect"
+ ]
+ },
+ {
+ "group": "Automations",
+ "pages": [
+ "conductorone-api/automations/list-automation-executions",
+ "conductorone-api/automations/search-automation-executions",
+ "conductorone-api/automations/get-automation-execution",
+ "conductorone-api/automations/terminate-automation",
+ "conductorone-api/automations/search-automation-template-versions",
+ "conductorone-api/automations/list-automations",
+ "conductorone-api/automations/create-automation",
+ "conductorone-api/automations/search-automations",
+ "conductorone-api/automations/get-automation",
+ "conductorone-api/automations/update-automation",
+ "conductorone-api/automations/delete-automation",
+ "conductorone-api/automations/execute-automation"
+ ]
+ },
+ {
+ "group": "Request Catalog",
+ "pages": [
+ "conductorone-api/request-catalog/list",
+ "conductorone-api/request-catalog/create",
+ "conductorone-api/request-catalog/list-all-entitlement-ids-per-app",
+ "conductorone-api/request-catalog/list-entitlements-per-catalog",
+ "conductorone-api/request-catalog/update-app-entitlements",
+ "conductorone-api/request-catalog/add-app-entitlements",
+ "conductorone-api/request-catalog/remove-app-entitlements",
+ "conductorone-api/request-catalog/get-requestable-entry",
+ "conductorone-api/request-catalog/create-requestable-entry",
+ "conductorone-api/request-catalog/delete-requestable-entry",
+ "conductorone-api/request-catalog/add-access-entitlements",
+ "conductorone-api/request-catalog/remove-access-entitlements",
+ "conductorone-api/request-catalog/list-entitlements-for-access",
+ "conductorone-api/request-catalog/get",
+ "conductorone-api/request-catalog/update",
+ "conductorone-api/request-catalog/delete",
+ "conductorone-api/request-catalog/get-bundle-automation",
+ "conductorone-api/request-catalog/set-bundle-automation",
+ "conductorone-api/request-catalog/delete-bundle-automation",
+ "conductorone-api/request-catalog/create-bundle-automation",
+ "conductorone-api/request-catalog/resume-paused-bundle-automation",
+ "conductorone-api/request-catalog/force-run-bundle-automation",
+ "conductorone-api/request-catalog/search-entitlements"
+ ]
+ },
+ {
+ "group": "Connector Catalog",
+ "pages": [
+ "conductorone-api/connector-catalog/configuration-schema"
+ ]
+ },
+ {
+ "group": "Directory",
+ "pages": [
+ "conductorone-api/directory/list",
+ "conductorone-api/directory/create",
+ "conductorone-api/directory/get",
+ "conductorone-api/directory/update",
+ "conductorone-api/directory/delete"
+ ]
+ },
+ {
+ "group": "Function",
+ "pages": [
+ "conductorone-api/function/list-functions",
+ "conductorone-api/function/create-function",
+ "conductorone-api/function/update-function",
+ "conductorone-api/function/invoke",
+ "conductorone-api/function/get-function-secret-encryption-key",
+ "conductorone-api/function/get-function",
+ "conductorone-api/function/delete-function",
+ "conductorone-api/function/search"
+ ]
+ },
+ {
+ "group": "Function Commit",
+ "pages": [
+ "conductorone-api/function-commit/list-commits"
+ ]
+ },
+ {
+ "group": "Function Invocation",
+ "pages": [
+ "conductorone-api/function-invocation/list",
+ "conductorone-api/function-invocation/get"
+ ]
+ },
+ {
+ "group": "Function Tag",
+ "pages": [
+ "conductorone-api/function-tag/list-tags",
+ "conductorone-api/function-tag/create-tag"
+ ]
+ },
+ {
+ "group": "App Entitlement User Binding Feed",
+ "pages": [
+ "conductorone-api/app-entitlement-user-binding-feed/search-grant-feed"
+ ]
+ },
+ {
+ "group": "Personal Client",
+ "pages": [
+ "conductorone-api/personal-client/note:-only-shows-personal-clients-for-the-current-user",
+ "conductorone-api/personal-client/create",
+ "conductorone-api/personal-client/get",
+ "conductorone-api/personal-client/update",
+ "conductorone-api/personal-client/delete",
+ "conductorone-api/personal-client/note:-searches-personal-clients-for-all-users"
+ ]
+ },
+ {
+ "group": "Role",
+ "pages": [
+ "conductorone-api/role/list",
+ "conductorone-api/role/get",
+ "conductorone-api/role/update"
+ ]
+ },
+ {
+ "group": "Policy",
+ "pages": [
+ "conductorone-api/policy/list",
+ "conductorone-api/policy/create",
+ "conductorone-api/policy/test",
+ "conductorone-api/policy/validate-cel",
+ "conductorone-api/policy/get",
+ "conductorone-api/policy/update",
+ "conductorone-api/policy/delete",
+ "conductorone-api/policy/search"
+ ]
+ },
+ {
+ "group": "Request Schema Entitlement Binding",
+ "pages": [
+ "conductorone-api/request-schema-entitlement-binding/find-binding-for-app-entitlement",
+ "conductorone-api/request-schema-entitlement-binding/create-entitlement-binding",
+ "conductorone-api/request-schema-entitlement-binding/remove-entitlement-binding"
+ ]
+ },
+ {
+ "group": "Request Schema",
+ "pages": [
+ "conductorone-api/request-schema/create",
+ "conductorone-api/request-schema/get",
+ "conductorone-api/request-schema/update",
+ "conductorone-api/request-schema/delete"
+ ]
+ },
+ {
+ "group": "App Entitlement User Binding History",
+ "pages": [
+ "conductorone-api/app-entitlement-user-binding-history/search-past-grants"
+ ]
+ },
+ {
+ "group": "Step Up Authentication Providers",
+ "pages": [
+ "conductorone-api/step-up-authentication-providers/search",
+ "conductorone-api/step-up-authentication-providers/list",
+ "conductorone-api/step-up-authentication-providers/create",
+ "conductorone-api/step-up-authentication-providers/get",
+ "conductorone-api/step-up-authentication-providers/update",
+ "conductorone-api/step-up-authentication-providers/delete",
+ "conductorone-api/step-up-authentication-providers/update-secret",
+ "conductorone-api/step-up-authentication-providers/test"
+ ]
+ },
+ {
+ "group": "Step Up Authentication Transactions",
+ "pages": [
+ "conductorone-api/step-up-authentication-transactions/search",
+ "conductorone-api/step-up-authentication-transactions/get"
+ ]
+ },
+ {
+ "group": "System Log Exporter",
+ "pages": [
+ "conductorone-api/system-log-exporter/search",
+ "conductorone-api/system-log-exporter/list",
+ "conductorone-api/system-log-exporter/create",
+ "conductorone-api/system-log-exporter/get",
+ "conductorone-api/system-log-exporter/update",
+ "conductorone-api/system-log-exporter/delete",
+ "conductorone-api/system-log-exporter/list-events"
+ ]
+ },
+ {
+ "group": "Task",
+ "pages": [
+ "conductorone-api/task/search",
+ "conductorone-api/task/list",
+ "conductorone-api/task/create-grant-task",
+ "conductorone-api/task/create-offboarding-task",
+ "conductorone-api/task/create-revoke-task",
+ "conductorone-api/task/get",
+ "conductorone-api/task/approve",
+ "conductorone-api/task/approve-with-step-up",
+ "conductorone-api/task/close",
+ "conductorone-api/task/comment",
+ "conductorone-api/task/deny",
+ "conductorone-api/task/escalate-to-emergency-access",
+ "conductorone-api/task/process-now",
+ "conductorone-api/task/reassign",
+ "conductorone-api/task/hard-reset",
+ "conductorone-api/task/restart",
+ "conductorone-api/task/skip-step",
+ "conductorone-api/task/update-grant-duration",
+ "conductorone-api/task/update-request-data"
+ ]
+ },
+ {
+ "group": "User",
+ "pages": [
+ "conductorone-api/user/search",
+ "conductorone-api/user/list",
+ "conductorone-api/user/get",
+ "conductorone-api/user/get-user-profile-types",
+ "conductorone-api/user/set-expiring-user-delegation-binding-by-admin"
+ ]
+ },
+ {
+ "group": "Webhook",
+ "pages": [
+ "conductorone-api/webhook/search",
+ "conductorone-api/webhook/list",
+ "conductorone-api/webhook/create",
+ "conductorone-api/webhook/get",
+ "conductorone-api/webhook/update",
+ "conductorone-api/webhook/delete",
+ "conductorone-api/webhook/test"
+ ]
+ },
+ {
+ "group": "AWS External ID Settings",
+ "pages": [
+ "conductorone-api/aws-external-id-settings/get"
+ ]
+ },
+ {
+ "group": "Org Domain",
+ "pages": [
+ "conductorone-api/org-domain/list",
+ "conductorone-api/org-domain/update"
+ ]
+ },
+ {
+ "group": "Session Settings",
+ "pages": [
+ "conductorone-api/session-settings/get",
+ "conductorone-api/session-settings/update",
+ "conductorone-api/session-settings/test-source-ip"
+ ]
+ },
+ {
+ "group": "System Log",
+ "pages": [
+ "conductorone-api/system-log/list-events"
+ ]
+ },
+ {
+ "group": "Vault",
+ "pages": [
+ "conductorone-api/vault/create",
+ "conductorone-api/vault/get",
+ "conductorone-api/vault/update",
+ "conductorone-api/vault/delete"
+ ]
+ }
+ ]
}
]
}
- ],
- "global": {
- "anchors": []
- }
+ ]
},
"logo": {
"light": "/logo/light.svg",
@@ -632,10 +1072,6 @@
{
"source": "/product/integrations",
"destination": "/baton/intro"
- },
- {
- "source": "/developer/sql-authoring",
- "destination": "/baton/baton-sql"
}
]
}
\ No newline at end of file
diff --git a/product/admin/automations-steps-reference.mdx b/product/admin/automations-steps-reference.mdx
new file mode 100644
index 0000000..c25258f
--- /dev/null
+++ b/product/admin/automations-steps-reference.mdx
@@ -0,0 +1,133 @@
+---
+title: "Automation steps reference"
+description: "A comprehensive guide to all available automation steps in ConductorOne, including event-based, scheduled, and on-demand options."
+sidebarTitle: "Automation steps"
+---
+
+An automation needs at least one step, and can have as many steps as you need. You can reorder steps using the arrow controls.
+
+### Send email
+
+Send an email notification to specified recipients. Use this step to alert stakeholders about important events, such as notifying IT admins when a new employee joins or when access needs to be reviewed.
+
+**Required fields:** Recipient, Email title, Email subject, Email message
+
+**Example:** Send an email to three IT admins
+
+### Send Slack message
+
+Post a message to a designated Slack channel. Use this step to send real-time notifications to teams and keep relevant channels informed about workflow events, new access grants, or other important updates.
+
+**Required fields:** Slack channel name, Message
+
+**Example:** Send a Slack message to the "new-employees" channel
+
+### Wait for duration
+
+Pause the automation workflow for a specified period before continuing to the next step. Use this to give users time to respond to notifications or allow time for manual review before automated actions are taken.
+
+**Required fields:** Time to wait before proceeding
+
+**Example:** Wait 30 minutes
+
+### Create campaign
+
+Automatically create a new access review campaign based on a template. Use this step to ensure timely access reviews when significant events occur, such as when an employee departs or changes roles.
+
+**Required fields:** Access review template, User whose access will be reviewed
+
+**Example:** Create a new UAR campaign to review a departed user's access
+
+### Revoke entitlements
+
+Create revoke tasks to remove specified entitlements from a user's account. You can selectively revoke access while excluding certain entitlements that should be preserved. Use this step for offboarding workflows and managing access changes.
+
+**Required fields:** Target user, Entitlements to revoke, Entitlements to exclude
+
+**Example:** Create revoke tasks for all AWS entitlements except app access
+
+### Grant entitlements
+
+Automatically grant specified entitlements to a user. Use this step during onboarding and role changes to ensure users receive the appropriate access permissions without manual intervention.
+
+**Required fields:** Target user, Entitlements to grant
+
+**Example:** Grant access to the "Engineering team" role in Jira
+
+### Modify delegate
+
+Update or remove delegation settings for a user. Use this step when managing temporary access delegation or when a user's responsibilities change and their delegated tasks need to be reassigned.
+
+**Required fields:** Target user
+
+**Example:** Remove this user as a delegate
+
+### Remove access profiles
+
+Unenroll a user from specified access profiles. Use this step during offboarding or role transitions to ensure users no longer receive automatic access grants associated with profiles they should no longer be part of.
+
+**Required fields:** Target user, Access profiles to unenroll from (or check the box to unenroll from all)
+
+**Example:** Unenroll the user from three key access profiles
+
+### Modify user status
+
+Change a user's status in ConductorOne (e.g., to Active, Disabled, or Inactive). Use this step to maintain accurate user records, such as disabling accounts when employees leave or take extended leave.
+
+**Required fields:** Target user, New user status
+
+**Example:** Change a user's status to Disabled in ConductorOne
+
+### Run automation
+
+Trigger another automation to run. Use this step to create modular workflows and chain automations together, letting you build complex multi-step processes while keeping individual automations focused and maintainable.
+
+**Required fields:** Automation name
+
+**Optional fields:** Context in JSON format
+
+**Example:** Trigger a run of the "Secondary Offboarding Tasks" automation
+
+### Perform task action
+
+Take action on existing tasks, such as reassigning, completing, or canceling them. Use this step to manage task workflows when users change roles or leave, ensuring that pending tasks are properly handled.
+
+**Required fields:** Whose tasks to take action on, Task type, Action to take
+
+**Example:** Assign all a user's open review tasks to the head of Security
+
+### Run webhook
+
+Execute a configured webhook to integrate with external systems. Use this step to trigger actions in other platforms and integrate ConductorOne with your broader technology ecosystem.
+
+**Required fields:** Webhook name, Payload
+
+**Example:** Trigger a webhook that creates a ticket to deprovision Figma access
+
+### Perform connector action
+
+Execute custom capabilities configured on a connector. Connector actions extend automation functionality with app-specific operations that may not be available through standard steps. Contact Customer Success to learn more about setting up connector actions.
+
+**Required fields:** Connector name, Action name, Additional fields as determined by the connector action's format
+
+**Example:** Lock an Active Directory account
+
+### Create account
+
+Create a new account in a connected application. You can choose between two creation methods: **Custom** (which uses connector-specific schema as described in the [automatic account provisioning documentation](https://www.conductorone.com/docs/product/admin/account-provisioning)) or **From ConductorOne user** (which uses existing user information from ConductorOne to populate the new account). Use this step to automate account provisioning during onboarding.
+
+**Required fields:** Connector name, Creation method, Additional values depending on method
+
+**Example:** Create a new Greenhouse account
+
+### Call function
+
+
+ The Call function step is currently in early access. Contact your technical account manager to learn more about enabling this feature for your workspace.
+
+
+Execute a custom function with specified input parameters. Functions let you extend automation capabilities with custom logic, data transformations, or complex operations that aren't available through standard automation steps. Functions can process data, perform calculations, make decisions based on custom business logic, and return values that you can use in subsequent automation steps.
+
+**Required fields:** Function name, Input parameters
+
+**Example:** Call a function to calculate prorated access costs based on user start date
diff --git a/product/admin/automations-triggers-reference.mdx b/product/admin/automations-triggers-reference.mdx
new file mode 100644
index 0000000..6e6b0dd
--- /dev/null
+++ b/product/admin/automations-triggers-reference.mdx
@@ -0,0 +1,115 @@
+---
+title: "Automation triggers reference"
+description: "A comprehensive guide to all available automation triggers in ConductorOne, including event-based, scheduled, and on-demand options."
+sidebarTitle: "Automation triggers"
+---
+
+Each automation can be triggered by an event such as the creation of a new application account or a change in a user or account's status. You can also skip adding a trigger and run the automation manually instead.
+
+### On demand (no trigger)
+
+Use this option to create an automation that only runs when you manually execute it. This is useful for ad-hoc tasks that you need to perform on demand rather than in response to specific events or on a schedule. You can run automations without triggers from the automations list, or trigger them programmatically from other automations using the "Run automation" step.
+
+**Required fields:** None (trigger is manual execution only)
+
+**Example:** Create a manual cleanup automation that you can run as needed to review and remove stale access
+
+### User updated
+
+Use this trigger to respond when a user attribute changes in ConductorOne. You can monitor changes to employment status, department, manager, or any other user attribute. Add conditional expressions to narrow the trigger to specific changes, such as when a user's status changes from "Active" to "Terminated."
+
+**Required fields:** User attribute
+
+**Optional fields:** Conditional expression
+
+**Example:** Trigger on a change to a user's employment status
+
+### Account created
+
+Use this trigger to respond when a new account is created in a specified application. This is useful for initiating onboarding workflows, sending welcome notifications, or ensuring new accounts receive appropriate access. You can add conditional expressions to refine when the trigger activates based on account properties.
+
+**Required fields:** App name
+
+**Optional fields:** Conditional expression
+
+**Example:** Trigger on the creation of a new GitHub account
+
+### Account updated
+
+Use this trigger to respond when an account attribute changes in a connected application. You can monitor changes to account properties like email address, account status, role assignments, or other account-specific attributes. This helps you maintain consistency across systems or respond to important account changes.
+
+**Required fields:** App name, Account attribute
+
+**Optional fields:** Conditional expression
+
+**Example:** Trigger on a change to the email address associated with an Okta account
+
+### Unused access
+
+Use this trigger to identify when a user hasn't logged into their app account for a specified duration. You can configure how to handle accounts with no login activity recorded and set cold start behavior to determine whether existing unused accounts are immediately processed or only newly unused accounts trigger the automation.
+
+**Required fields:** App name, Days since last login, Cold start behavior
+
+**Optional fields:** Type of account, Whether to include accounts with no login activity, Conditions for inclusion/exclusion
+
+**Cold start behavior:** Sets whether app accounts that meet the unused access condition when you first enable the automation will immediately have the automation's actions performed, or if the automation should proceed only after a delay. During the delay, you could alert impacted users that their access will be removed if unused.
+
+**Example:** Trigger when a user hasn't logged into GitHub for 45 days
+
+### User created
+
+Use this trigger to respond when a new user is created in ConductorOne, typically through directory synchronization. This is ideal for initiating onboarding automations that grant initial access, send welcome communications, or create accounts in various systems. You can add conditional expressions to target specific types of new users based on their attributes.
+
+**Required fields:** None
+
+**Optional fields:** Conditional expression
+
+**Example:** Trigger when a new user is created
+
+### Grant found
+
+Use this trigger to respond when a new access grant is discovered in your environment. This is useful for monitoring when users receive new permissions, ensuring compliance with access policies, or triggering additional provisioning steps. You can filter by specific entitlements, applications, and how the grant was created (manually, through automation, via access request, etc.).
+
+**Required fields:** Account type, Entitlements or app name, Grant source, Grant type, Grant origin
+
+**Example:** Trigger when a user is granted access to the OpsGenie on-call rotation
+
+### Grant deleted
+
+Use this trigger to respond when an access grant is removed from a user's account. This helps you maintain access consistency across related systems, trigger cleanup tasks, or alert stakeholders about access removal. You can specify which types of grants to monitor based on entitlement, application, and how the grant was originally created.
+
+**Required fields:** Account type, Entitlements or app name, Grant source, Grant type, Grant origin
+
+**Example:** Trigger when a user loses access to their Google Workspace account
+
+### Incoming webhook
+
+Use this trigger to let external systems initiate ConductorOne automations by sending webhook requests. This lets you integrate ConductorOne with your broader technology ecosystem, allowing events in other systems (like HRIS platforms, ticketing systems, or custom applications) to trigger access management workflows. You must configure authentication to ensure only authorized systems can trigger the automation.
+
+**Required fields:** Authentication method (HMAC or JWT)
+
+**Example:** Trigger when an employee's status changes to Inactive in Workday
+
+### Schedule for user
+
+Use this trigger to run the automation on a schedule for specified users. You can configure the frequency (daily, weekly, monthly) and select which users the automation should run for. This is useful for periodic access reviews, recurring compliance checks, or regular housekeeping tasks that you need to perform on user accounts at set intervals.
+
+**Required fields:** Schedule frequency, Target users
+
+**Example:** Run a weekly access review automation for all contractors
+
+### Schedule for app user
+
+Use this trigger to run the automation on a schedule for users of a specific application. You can configure the frequency and select which app users (or filter by account properties) the automation should run for. This is useful for app-specific maintenance tasks, periodic access validations, or recurring compliance checks on application accounts.
+
+**Required fields:** Schedule frequency, App name, Target app users
+
+**Example:** Run a monthly unused access check for all Salesforce accounts
+
+## Requestable automation triggers
+
+Requestable automations use an **On demand** trigger, which means they only run when a user explicitly requests them through the Actions catalog. Unlike event-based or scheduled triggers, requestable automations are initiated through a user-facing request form and governed by approval policies.
+
+When you configure an automation as requestable, it can't have other trigger types (such as User updated, Account created, or Schedule triggers). The automation remains dormant until a user submits a request, at which point it proceeds through the configured approval workflow before executing its steps.
+
+For more information about configuring requestable automations, including how to set up request forms, approval policies, and audience scoping, see the [requestable automations documentation](https://www.conductorone.com/docs/product/admin/automation-actions).
diff --git a/product/admin/automations.mdx b/product/admin/automations.mdx
index c85d2a4..8a45d53 100644
--- a/product/admin/automations.mdx
+++ b/product/admin/automations.mdx
@@ -1,248 +1,171 @@
---
-title: Create automations
-og:title: Create automations - ConductorOne docs
-og:description: Automations are custom workflows that can streamline repetitive tasks like onboarding and offboarding, ensuring consistency and reducing manual effort.
-description: Automations are custom workflows that can streamline repetitive tasks like onboarding and offboarding, ensuring consistency and reducing manual effort.
-sidebarTitle: Automate custom workflows
+title: "Create automations"
+og:title: "Create automations - ConductorOne docs"
+og:description: "Automations are custom workflows that can streamline repetitive tasks like onboarding and offboarding, ensuring consistency and reducing manual effort."
+description: "Automations are custom workflows that can streamline repetitive tasks like onboarding and offboarding, ensuring consistency and reducing manual effort."
+sidebarTitle: "Automate custom workflows"
---
-{/* Editor Refresh: 2026-02-01 */}
+
+{/* Editor Refresh: 2026-02-05 */}
Automations in ConductorOne empower you to build custom workflows for repetitive tasks, significantly streamlining your operational processes. Automations are ideal for kicking off critical processes when an employee's status changes, providing seamless onboarding, secure offboarding, efficient role transfers, and timely access reviews. Automations ensure consistency, reduce manual effort, and improve compliance.
Find and manage all your automations on the **Automations** page.
-## Automation structure
-
-Here's a sample automation's details page:
-
-
+## Automation structure
-Let's break down the structure:
+Here's a sample automation's details page:
-1. **Automation trigger**: This determines what causes an automation to run. This automation's trigger is turned on, so it will run automatically. You can also manually start an automation run at any time by clicking **Run** at the top of the page.
+
+ 
+
-2. **Automation steps**: These are the actions your automation performs. This automation has only one step, but you can add as many as you need.
+Let's break down the structure:
+1. **Automation trigger**: This determines what causes an automation to run. This automation's trigger is turned on, so it will run automatically. You can also manually start an automation run at any time by clicking **Run** at the top of the page.
+2. **Automation steps**: These are the actions your automation performs. This automation has only one step, but you can add as many as you need.
3. **Publication status**: Each automation is in either a **draft** or **published** state. Here, the **Publish** button is greyed out to indicate that this automation is published.
-
4. **Version number**: Automations are versioned (this one is **v2**), and you can restore a previous version of an automation if necessary.
## Create a new automation
-A user with the **Super Admin** role in ConductorOne must complete this task.
+ A user with the **Super Admin** role in ConductorOne must complete this task.
-
-Navigate to **Workflows** > **Automations** and click **New automation**.
-
-
-
-Give your automation a name and add a description, if desired.
-
-
-
-Click **Set automation trigger** and choose the event that will trigger this automation. Refer to the [automation triggers reference](/product/admin/automations#automation-triggers-reference) below for details on the available triggers.
-
-
-Set the **Automation** toggle to **On** if you want to start triggering the automation when the event you've selected occurs as soon as the automation is published. You can also leave the toggle off for now, if desired.
-
- Automations in their draft state do not run automatically, even if this toggle is enabled.
-
-
-Click **Add step** and select the first step for the automation. Refer to the [automation steps reference](/product/admin/automations#automation-steps-reference) below for details on the available automation steps.
-
-
-Fill out the automation step form and click **Save**.
-
-
-
-Click **+ Add step** again and repeat the process to add additional steps, as needed.
-
- If you need to reorder the automation steps, hover over the step and use the arrow keys.
-
- To delete a step entirely, hover over the step and click the trash can icon.
-
-
-To test your automation, click **Run draft** at the top of the page.
-
- You'll be asked to provide context for the test run, and will see a panel showing the details of the execution as it proceeds.
-
-
-When you're ready, click **Publish** to put the automation into use.
-
- Make sure to check on the status of the automation trigger, and turn it to **On** if you want to start triggering the automation when the event you've selected occurs.
-
+
+ Navigate to **Admin** > **Automations** and click **New automation**.
+
+
+ Give your automation a name and add a description, if desired.
+
+
+ Click **Set automation trigger** and choose the event that will trigger this automation. Refer to the [automation triggers reference](/product/admin/automations-triggers-reference) for details on the available triggers.
+
+
+ Set the **Automation** toggle to **On** if you want to start triggering the automation when the event you've selected occurs as soon as the automation is published. You can also leave the toggle off for now, if desired.
+
+ Automations in their draft state do not run automatically, even if this toggle is enabled.
+
+
+ Click **Add step** and select the first step for the automation. Refer to the [automation steps reference](/product/admin/automations-steps-reference) for details on the available automation steps.
+
+
+ Fill out the automation step form and click **Save**.
+
+
+ Click **+ Add step** again and repeat the process to add additional steps, as needed.
+
+ If you need to reorder the automation steps, hover over the step and use the arrow keys.
+
+ To delete a step entirely, hover over the step and click the trash can icon.
+
+
+ To test your automation, click **Run draft** at the top of the page.
+
+ You'll be asked to provide context for the test run, and will see a panel showing the details of the execution as it proceeds.
+
+
+ When you're ready, click **Publish** to put the automation into use.
+
+ Make sure to check on the status of the automation trigger, and turn it to **On** if you want to start triggering the automation when the event you've selected occurs.
+
-**That's it!** The automation is now ready for use. To see all executions of this automation, click the **...** (more actions) menu and select **Show execution history**.
-
-### Fine-tuning your automation
-
-On the **Advanced** tab of each automation step’s setup drawer, you can add a CEL expression that instructs the automation to skip the step if a condition is met. This section also displays the step’s **Step ID**, which is used to reference the current step’s output in later steps.
-
-On the **Available data** tab, you’ll find data gathered from previous steps in the automations, which can be used to write CEL expressions to refine or define conditions in later steps.
-
-### Editing an automation
-
-When first published, new automations are marked **v1**. If you make edits to the automation, it will create a new draft version of the automation, which you can test and publish (as **v2**) when you're ready.
-
-To see all versions of the automation, click the **...** (more actions) menu and select **Show version history**. You can restore a different version of the automation from this list.
-## Get agent help building automations
+**That's it!** The automation is now ready for use. To see all executions of this automation, click the **...** (more actions) menu and select **Show execution history**.
-
-**This agent is in beta.** This means it's undergoing ongoing testing and development while we gather feedback, validate functionality, and improve outputs. Please contact our Support team with any issues or feedback.
-
+### Fine-tuning your automation
-The Automation Architect is an AI-powered agent that creates automations for you based on your prompts. Describe the workflow you want to automate, and the agent translates your prompt into a series of automation steps, complete with the appropriate trigger and actions. This makes building automations faster, especially for complex workflows that would otherwise require careful manual setup.
+On the **Advanced** tab of each automation step’s setup drawer, you can add a CEL expression that instructs the automation to skip the step if a condition is met. This section also displays the step’s **Step ID**, which is used to reference the current step’s output in later steps.
-On the **Automations** page, click **Create with Copilot** to get started.
+On the **Available data** tab, you’ll find data gathered from previous steps in the automations, which can be used to write CEL expressions to refine or define conditions in later steps.
-
+### Editing an automation
-Once the agent generates your automation, you can review, modify, test, and publish it like any manually created automation.
+When first published, new automations are marked **v1**. If you make edits to the automation, it will create a new draft version of the automation, which you can test and publish (as **v2**) when you're ready.
-The agent currently focuses on creating new automations. Editing capabilities for existing automations are coming soon.
+To see all versions of the automation, click the **...** (more actions) menu and select **Show version history**. You can restore a different version of the automation from this list.
## App-specific automations
-A user who is an application owner with the **App Admin** role can create and manage app-specific automations for the apps they own.
+ A user who is an application owner with the **App Admin** role can create and manage app-specific automations for the apps they own.
-You can create and manage automations that are scoped to a specific app on that application's **Automations** tab.
+You can create and manage automations that are scoped to a specific app on that application's **Automations** tab.
-To create an app-specific automation:
+To create an app-specific automation:
-
-Navigate to the **Apps** page and click the name of an application you own.
-
-
-
-Click **Automations**. Any existing app-specific automations are listed here.
-
-
-Click **New automation**, then follow the steps in [Create a new automation](/product/admin/automations#create-a-new-automation).
-
+
+ Navigate to **Admin** > **Applications** and click the name of an application you own.
+
+
+ Click **Automations**. Any existing app-specific automations are listed here.
+
+
+ Click **New automation**, then follow the steps in [Create a new automation](/product/admin/automations#create-a-new-automation).
+
+
-All app-specific automations are also listed on the **Automations** page. Only users with the **Super Admin** role can see and manage these automations from this page.
+ All app-specific automations are also listed on the **Automations** page. Only users with the **Super Admin** role can see and manage these automations from this page.
### Unused access automations
-**Availability and functionality of unused access automations**
+ **Availability and functionality of unused access automations**
-Some older connectors do not support the data needed to run unused access automations. The **Unused access** section is not displayed on these apps' details pages.
+ Some older connectors do not support the data needed to run unused access automations. The **Unused access** section is not displayed on these apps' details pages.
-Be aware that while the **Unused access** section is displayed on all current-generation connectors' app pages, **only those connectors that report last login data** (and their child apps, as relevant) can correctly track login data and use it to strategically take action on unused accounts via an unused access automation. View the [list of connectors that report last login information](/baton/capabilities) on the connector capabilities table.
+ Be aware that while the **Unused access** section is displayed on all current-generation connectors' app pages, **only those connectors that report last login data** (and their child apps, as relevant) can correctly track login data and use it to strategically take action on unused accounts via an unused access automation. View the [list of connectors that report last login information](/baton/capabilities) on the connector capabilities table.
-**CAUTION: If an unused access automation is set up on an app whose connector does not report last login information, the automation will take action on all app accounts.**
+ **CAUTION: If an unused access automation is set up on an app whose connector does not report last login information, the automation will take action on all app accounts.**
-Unused access automations are tailored to help you manage unused app access. These automations fire when a user has not logged into their app account for the length of time you specify.
+Unused access automations are tailored to help you manage unused app access. These automations fire when a user has not logged into their app account for the length of time you specify.
-Create and manage unused access automations in the **Unused access** section of the app's **Controls** tab. This section shows the number of accounts that have not been accessed in the past 30 days (click through to see the full list of these accounts on the **Access explorer** page), and is the home of controls for quickly creating an automation for unused access.
+Create and manage unused access automations in the **Unused access** section of the app's **Controls** tab. This section shows the number of accounts that have not been accessed in the past 30 days (click through to see the full list of these accounts on the **Access explorer** page), and is the home of controls for quickly creating an automation for unused access.
-
+
+ 
+
-To set up a new unused access automation:
+To set up a new unused access automation:
-
-Locate the **Unused access** section of the app's **Controls** tab and click **Add automation**.
-
-
-
-Choose from the list of automation templates:
-
- * Send a notification after 30 days
- * Revoke access after 45 days
- * Create a custom usage-based automation from scratch
-
-
-The automation draft is set up for you. Click the **Unused access** trigger, review the details and make any adjustments.
-
- You can choose how to treat accounts with no login activity, set how to perform the initial runs of the automation, and narrow the automation's scope, if desired.
-
-
-Click **Save**.
-
-
-
-If needed, review the automation's steps and add additional steps as desired.
-
-
-When you're ready, click **Publish**.
-
- The automation is now ready for use. To see all executions of this automation, click the **...** (more actions) menu and select **Show execution history**.
-
+
+ Locate the **Unused access** section of the app's **Controls** tab and click **Add automation**.
+
+
+ Choose from the list of automation templates:
+
+ - Send a notification after 30 days
+ - Revoke access after 45 days
+ - Create a custom usage-based automation from scratch
+
+
+ The automation draft is set up for you. Click the **Unused access** trigger, review the details and make any adjustments.
+
+ You can choose how to treat accounts with no login activity, set how to perform the initial runs of the automation, and narrow the automation's scope, if desired.
+
+
+ Click **Save**.
+
+
+ If needed, review the automation's steps and add additional steps as desired.
+
+
+ When you're ready, click **Publish**.
+
+ The automation is now ready for use. To see all executions of this automation, click the **...** (more actions) menu and select **Show execution history**.
+
-**That's it!** You can review and update this automation on the **Unused access** section of the app's **Controls** tab (users with the **Super Admin** role can also see it on the **Automations** tab). You can also add additional usage-based automations to this app to further fine-tune how unused access is managed.
-
-
-
-## Automation triggers reference
-
-Each automation can be triggered by an event such as the creation of a new application account or a change in a user or account’s status. Alternatively, you can skip adding an automation trigger and instead run the automation manually.
-
-| Trigger | Requires | Example |
-| :--- | :--- | :--- |
-| User updated | User attribute
(Optional) Conditional expression | Trigger on a change to a user’s employment status |
-| Account created | App name
(Optional) Conditional expression | Trigger on the creation of a new GitHub account |
-| Account updated | App name
Account attribute
(Optional) Conditional expression | Trigger on a change to the email address associated with an Okta account |
-| Unused access | App name
Days since last login
(Optional) Type of account
(Optional) Whether to include accounts with no login activity
(Optional) Conditions for inclusion/exclusion
Cold start behavior (see below) | Trigger when a user has not logged into GitHub for 45 days |
-| User created | (Optional) Conditional expression | Trigger when a new user is created |
-| Grant found | Account type
Entitlements or app name
Grant source
Grant type
Grant origin | Trigger when a user is granted access to the OpsGenie on-call rotation |
-| Grant deleted | Account type
Entitlements or app name
Grant source
Grant type
Grant origin | Trigger when a user loses access to their Google Workspace account |
-| Incoming webhook | Authentication method (HMAC or JWT) | Trigger when an employee's status changes to Inactive in Workday |
-
-**Cold start behavior** on an unused access trigger sets whether app accounts that meet the unused access trigger's condition when the automation is first enabled will immediately have the automation's actions performed, or if the automation should proceed only after a delay (during which time you could, for example, alert the impacted users that their access will be removed if unused).
-
-## Automation steps reference
-
-An automation needs at least one step, and can have as many steps as you need. You can reorder steps if needed by using the arrow controls.
-
-| Step | Requires | Example |
-| :--- | :--- | :--- |
-| Send email | Recipient
Email title
Email subject
Email message | Send an email to three IT admins |
-| Send Slack message | Slack channel name
Message | Send a Slack message to the "New employees" channel |
-| Wait for duration | Time to wait before proceeding | Wait 30 minutes |
-| Create campaign | Access review template
User whose access will be reviewed | Create a new UAR campaign to review a departed user’s access |
-| Revoke entitlements | Target user
Entitlements to revoke
Entitlements to exclude | Create revoke tasks for all AWS entitlements except app access |
-| Grant entitlements | Target user
Entitlements to grant | Grant access to the "Engineering team" role in Jira |
-| Modify delegate | Target user | Remove this user as a delegate |
-| Remove access profiles | Target user
Access profiles to unenroll from (or check the box to unenroll from all) | Unenroll the user from three key access profiles |
-| Modify user status | Target user
New user status | Change a user’s status to Disabled in ConductorOne |
-| Run automation | Automation name
(Optional) Context in JSON format | Trigger a run of the "Secondary Offboarding Tasks" automation |
-| Perform task action | Whose tasks to take action on
Task type
Action to take | Assign all a user’s open review tasks to the head of Security |
-| Run webhook | Webhook name
Payload | Trigger a webhook that creates a ticket to deprovision Figma access |
-| Perform connector action (see below) | Connector name
Action name
Additional fields as determined by the connector action’s format | Lock an Active Directory account |
-| Create account (see below) | Connector name
Creation method
Additional values, depending on method | Create a new Greenhouse account |
-
-**Connector actions** are custom capabilities set up on a connector. Let our Customer Success team know if you’re interested in learning more or need help setting up a connector action.
-
-**Account creation** with the **Custom** user creation method uses the same connector-specific schema described in the [automatic account provisioning documentation](/product/admin/account-provisioning). If you select the **From ConductorOne user** creation method, ConductorOne will attempt to use the information it has about the user to create the new account.
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+**That's it!** You can review and update this automation on the **Unused access** section of the app's **Controls** tab (users with the **Super Admin** role can also see it on the **Automations** tab). You can also add additional usage-based automations to this app to further fine-tune how unused access is managed.
+
+ 
+