Automating Employee Onboarding

New hire starts Monday. HR sends you their info on Friday afternoon. You spend the weekend creating accounts, configuring devices, setting up access. Monday morning, something's wrong with their email. Sound familiar?

This was our reality. Now, HR enters a new hire into our HRIS and everything else happens automatically. Accounts created, devices enrolled, access granted, manager notified. Fifteen minutes, zero IT intervention.

The Trigger

Everything starts in the HRIS (we use Rippling, but the pattern works anywhere). When a new employee is added with a start date, a webhook fires. That webhook triggers an Okta Workflow.

The Flow

The workflow does several things in sequence:

Create identity. Okta account with appropriate group memberships based on department and role. This automatically provisions access to downstream apps through SCIM.

Assign device. API call to Jamf to assign a pre-staged device from inventory. The device is already configured with their name and ready to ship.

Create accounts. Google Workspace, Slack, Zoom—anything not covered by SCIM gets created via API.

Send notifications. Manager gets a Slack message with the new hire's info. IT gets a summary. Employee gets a welcome email with everything they need.

Error Handling

Automation without error handling is a time bomb. Every step in our flow checks for success before proceeding. Failures get logged, alerts get sent, and there's a manual fallback process documented.

We also built in idempotency. If something fails halfway through and you need to re-run the flow, it won't create duplicate accounts or send duplicate notifications.

The Numbers

Before: 4+ hours of IT time per new hire, usually spread across multiple days with back-and-forth.

After: 15 minutes of automated processing, zero IT time for standard onboards.

That's not just efficiency—it's a better employee experience. Day one, everything works. No waiting for access, no apologizing for missing accounts. Just a person ready to do their job.