About Adaptable Workflows

Workflows are a powerful feature in Venafi Trust Protection Platform that allow you to wait for approvals, and to inject custom commands during remote key generation or provisioning.

Adaptable Workflows expand your ability to leverage workflows to meet several business needs:

  • External approvals. If you already have an enterprise change management control system in place, you can use an adaptable workflow to integrate that third-party tool into the certificate workflow process.

    For example, you could use the workflow to generate a change request in ServiceNow, and then take action on the certificate workflow depending on the result of the change request approval in ServiceNow.

  • Automatic approvals and rejections. With an adaptable workflow, you can automatically approve or reject requests depending on the business needs and internal processes of your organization. Using this feature can dramatically improve the time it takes for certificates to be issued. With a manual certificate workflow, you might wait for hours or days for a human to manually review and approve every certificate request. When an Adaptable Workflow script has approval business logic built-in, the approvals matching those parameters can be approved in just a few seconds.

    For example, you can automatically approve if the certificate is being renewed, or if the certificate is being renewed and nothing has changed between the current request and the previous version. You could also automatically reject the request if it includes an unsafe or unapproved keysize or algorithm.

  • Enhanced control over approvers. Using scripts you can have greater control over approvers, doing things like ensuring a trusted group is always added to every approval, or ensuring a person cannot approve their own request, even if they are normally authorized to perform approvals.

DID YOU KNOW?  For applications that require access to the Venafi Web SDK, Trust Protection Platform can manage authentication for you automatically, reducing the overhead in your PowerShell script. When implemented, each time your script is called, Trust Protection Platform requests a new token automatically. Each new token is associated with both the specified user and with the referenced application ID. After the script finishes running, Trust Protection Platform revokes the token automatically. To get started, see Adaptable Workflow prerequisites.

Take a look at our sample implementation on Venafi's Cool Solutions.