Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

OneWelcome Identity Platform
- Explore Thales Docs

IDAAS core
User journey orchestration
Consent and preference management
Identity broker
Delegated User Management v2
Externalized authorization
Delegated user management
- Getting started
- Roles
- Rules
- User management
- Self service page
- Data
- APIs
- Apps
- Jobs
- Reports
Risk management
- Essential rules
- Default policies (Essential)
Mobile identity
- Mobile identity - Access component
- Mobile identity - Tulip
Mobile SDK
API references
Release notes and FAQ
Integrations
Identity Orchestrator (IO)

All

All

Add flow

API flows

Please Note:

Add flow
Authentication flows
Self-service flows
Admin flows
API flows
Consent flows
Custom flows
Library flows

Was this document helpful? Yes No

Feedback Sent!

If you like, you can provide additional feedback.

OneWelcome Identity Platform
Add flow
API flows

API flows

An API flow defines how external systems interact with IO through programmatic interfaces.

These flows handle inbound or outbound API calls and webhook events, enabling integration with third-party services, custom applications, or backend systems. They are typically used to process automated requests, exchange data, and trigger actions within IO without user interaction.

API flows support secure, event-driven, and system-to-system communication.

Add an API flow

Open the left sidebar and select Visual Identity Orchestrator from the menu.
This will display a list of flow categories, select API.
Press ADD button.
Complete the configuration by following the steps described in the add flow section, starting from step 5.

Common use cases

Web hook handlers

Process incoming webhooks from external services:

Payment provider notifications
Third-party authentication events
Data synchronization triggers
External system status updates

Data synchronization

Keep data synchronized between systems:

User profile updates
Account status changes
Bulk user operations
Periodic data refreshes

Integration endpoints

Provide API endpoints for custom integrations:

Custom authentication flows
Specialized data queries
Business-specific operations
Legacy system integrations

Event-driven workflows

React to system or external events:

User lifecycle events
Security events
Business rule triggers
Scheduled operations

Security considerations

Authentication: Require proper authentication for API calls (API keys, OAuth tokens, etc.)
Authorization: Verify that the calling system has permission for the requested operation
Input validation: Thoroughly validate all input data
Rate limiting: Implement rate limiting to prevent abuse
Logging: Log all API interactions for audit and debugging

Best practices

Idempotency: Design API flows to handle duplicate requests safely
Error handling: Return meaningful error codes and messages
Versioning: Plan for API flow versioning from the start
Documentation: Document API contracts clearly
Testing: Test with realistic data and error scenarios

Next steps

Consent flows
Custom flows
Design flows

On this page

OneWelcome Identity Platform

© Copyright 2019-2026, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Customer Release Notes
- Support Contacts
Legal
- End User License Agreement
- Terms of Service

© Copyright 2019-2026, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com