Changelog

The Developer API Client tokens are now integrated with GitHub’s secret scanning feature. When your API tokens are accidentally committed and found on public GitHub repositories, we will revoke them to block unauthorized access to your Workato workspace, and send your admins an email alert.

Find out more about this secret scanning feature.

This API call clears the secrets management cache to retrieve the latest available credentials from your external secrets manager, whether that’s AWS Secrets Manager or Hashicorp Vault. This allows you to update your secrets regularly with no disruptions to active recipes.

For tighter security, we’ve extended support for secrets manager, Hashicorp Vault, to our on-prem agents (OPA) and on-prem groups (OPA).

We’re excited to share that Workato now supports HashiCorp Vault secrets engine, a security feature many of our customers have been asking for.

HashiCorp Vault is an external secrets manager that lets you store and retrieve passwords and API tokens in a secure way. And trust us, this comes in super handy when you create or update a connection on Workato.

Here’s a quick guide on setting it up for your workspaces.

We introduced API Clients for Developer APIs this January, which allows users to grant clients granular role and project-based app access. It’s now enhanced with:

• IP Whitelisting
• Developer APIs to manage API clients
• Support for project-level lookup tables, project properties, API Platform collections and API Platform Clients
• Recipe Operator connector support for API Client tokens

See API Clients’ documentation for more.

More audit events have been added, to track changes to a workspace’s security and permissions settings.

This allows admins more visibility to troubleshoot changes.

See the full list of account activities tracked.

We have launched status pages for each region, so users can monitor our systems’ status, check for incidents—and subscribe to email updates.

• USA status page
• Europe status page
• Singapore status page
• Japan status page 

With API Clients, users can now grant clients granular role and project-based app access. For greater security, view-once tokens are now available. Read this update’s documentation, or go to the revamped Workspace Access to start configuring.

SCIM Provisioning allows our customers to automate the entire user lifecycle management process. From the time a user joins the company and needs access to Workato (provisioning), requires more privileges (profile updates), and finally, to the time they leave (de-provisioning). This eliminates any manual and error prone actions that IT admins must take on the Workato platform as provisioning actions will be automatically synced with their identity provider (IdP) like Okta, OneLogin etc..  This release includes:

• Full lifecycle management actions (Create users, update user attributes like workato_role, and de-provision users with supported IdP's like Okta, OneLogin, CyberArk Idaptive)
• Ability to provision single or multiple Workato Workspaces from identity platforms
• Ability to remove environment / Workspace access from identity platforms
• Ability to provision, update, de-provision users at the individual or group level
• Track all access related changes on audit logs across all environments and differentiate between automatic and manual changes

Learn more about account provisioning with SCIM by checking out the documentation.