Embedded APIResourcesManage customers

Create customer

Creates a new Embedded customer.

PREVENT 400 BAD REQUEST ERRORS
Avoid providing environments[error_notification_emails] and environments[external_id] for the dev environment. If these values conflict with notification_email and external_id specified in the main request body, the API returns a 400 Bad Request error due to conflicting assignments for the same attribute.Instead, use notification_email and external_id for the dev environment and reserve environments[error_notification_emails] and environments[external_id] for the test and prod environments.

Headers

AuthorizationstringRequired

Bearer authentication of the form Bearer <token>, where token is your auth token.

Request

This endpoint expects an object.
namestringRequired
Full name of the customer.
notification_emailstringRequired
Email for error and administrative notifications.
oauth_idstringOptional
The identifier used for OAuth authentication.
auth_settingsstringOptional
Authentication settings for the customer workspace.
auth_settings[type]stringOptional

Specifies the authentication type. Accepted values include workato_auth, two_fa_auth, and saml_sso.

auth_settings[provider]stringOptional

The identity provider name. Required if using saml_sso as the auth_settings[type]. Accepted values include okta, onelogin, and others.

auth_settings[metadata_url]stringOptional

The URL of the identity provider’s metadata XML file for configuration details. Required if auth_settings[sso_url], auth_settings[saml_issuer], and auth_settings[x509_cert] are not provided.

auth_settings[sso_url]stringOptional

The single sign-on URL provided by the identity provider for user authentication. Required if auth_settings[metadata_url] is not provided.

auth_settings[saml_issuer]stringOptional

A unique identifier for the identity provider, often used to identify the issuer of SAML assertions. Required if auth_settings[metadata_url] is not provided.

auth_settings[x509_cert]stringOptional

The X.509 certificate from the identity provider. This is used to verify SAML assertion signatures. Required if auth_settings[metadata_url] is not provided.

auth_settings[jit_provisioning]stringOptional

Choose to enable Just-in-Time (JIT) provisioning, allowing Workato to create user accounts upon first sign-in.

auth_settings[saml_role_updates_allowed]booleanOptional

Determines if role sync with the SAML identity provider is enabled. Defaults to true.

auth_settings[saml_required]booleanOptional

Indicates if SAML authentication is enforced for the customer. Defaults to true.

environmentslist of anyOptional
An array of environment objects specifying configurations such as external IDs and error notification emails for each environment.
environments[environment_type]stringOptional

Specifies the environment type for creating customer information. Accepted values include dev, test, and prod.

environments[external_id]stringOptional

External ID for the test or prod environments. Use external_id in the main request body for the dev environment.

external_idstringOptional
External identifier for the Embedded customer.
origin_urlstringOptional

Applies to Embedded account customers. Provide a value if the embedded IFrame is hosted in a non-default origin page. For example, customer specific custom domains. Defaults to the origin configured at the account level.

frame_ancestorsstringOptional

Provide one or more comma-separated frame ancestors. These URLs are used in the Content-Security-Policy HTTP header to allow rendering of Workato IFrames.

plan_idstringOptional
Plan ID. Default plan is used when value is not provided.
timeout_idstringOptional

Timeout in seconds. The following values are accepted:
- 900 (15 minutes)
- 1800 (30 minutes)
- 2700 (45 minutes)
- 14400 (4 hours)
- 28800 (8 hours)
- 43200 (12 hours)
- 86400 (1 day)
- 172800 (2 days)
- 259200 (3 days)
- 604800 (7 days)
- 1209600 (14 days)

time_zoneenumOptional
The name of the timezone of the user. Defaults to PST if not specified.
whitelisted_appslist of stringsOptional
List of approved applications.
full_embeddingbooleanOptional

When set to true end users are sent to the customer account’s origin_url. Set to false to turn off the fully embedded redirect process at the customer account level. If you do not specify this value it defaults to null and inherits this value (true or false) from the Embedded partner’s admin settings.

Response

Success response
idinteger or null
Unique identifier of the account
external_idstring or null
External identifier of the account
namestring or null
Account name
environmentslist of objects or null
List of environments associated with the account
notification_emailstring or null
Notification email
full_embeddingboolean or null
Indicates whether full embedding is enabled
admin_notification_emailsstring or null
Admin notification emails
error_notification_emailsstring or null
Error notification emails
plan_idstring or null
Plan identifier
origin_urlstring or null
Origin URL, null if not applicable
trialboolean or null
Indicates whether this is a trial account
in_trialboolean or null
Indicates if the account is currently in trial
whitelisted_appslist of strings or null
List of whitelisted applications
frame_ancestorsstring or null
Frame ancestors, null if not applicable
created_atstring or null
Timestamp when the account was created
updated_atstring or null
Timestamp when the account was last updated
time_zonestring or null
Time zone of the account
team_namestring or null
Team name associated with the account
auth_settingsobject or null
current_billing_period_startstring or null
Start of the current billing period
current_billing_period_endstring or null
End of the current billing period
task_countinteger or null
Number of tasks executed
active_connection_limitinteger or null
Maximum number of active connections
active_connection_countinteger or null
Current number of active connections
active_recipe_countinteger or null
Number of active recipes

Errors