IT OPS

Approved-Seat Deprovision Execution

Fires when an IT approver confirms a seat for removal, then executes deprovisioning via the IdP API and logs the action to an audit table and a Linear cleanup ticket.

CategoryIT Ops

Enginesim

Difficultyadvanced

Triggerwebhook

Steps5

Setup~25 min

How it runs

The automated pipeline, trigger to output.

TriggerApproval webhook receivedHTTP webhook
LogicValidate approval and seat still flagged
ActionRevoke seat via IdP admin APIHTTP webhook
ActionWrite reclamation audit recordPostgres
OutputOpen Linear cleanup ticketLinear

What it does

This workflow is the execution arm of seat reclamation. When an approver confirms a flagged seat should be removed, it calls the identity provider's API to revoke the license, records the change in an audit table, and files a Linear ticket so any downstream cleanup (data export, mailbox handling) is tracked.

When to use it

Pair it with a detection workflow that surfaces idle seats for approval. Use this when you want approved removals carried out automatically with a full audit trail, rather than IT clicking through admin consoles by hand.

How it works

1An approval webhook fires carrying the seat, app, and approver identity.
2A logic step validates the approval payload and confirms the seat is still flagged.
3The flow calls the IdP/SaaS admin API to revoke the seat.
4It writes a reclamation record (who, what, when, approver) to the Postgres audit table.
5It opens a Linear ticket for post-removal cleanup and confirms completion back to the requester.

Set it up

What you configure once, before turning it on.

1
Connect HTTP webhookTrigger any URL on agent actions.
2
Connect PostgresAny Postgres URL — query, write, migrate.
3
Connect LinearIssues, projects, cycles, triage.
4
Set each agent's modelWe leave models unset so you pick the tier — fast + cheap, or top-quality.
5
Tune it to your dataEdit the prompts, filters, and field mappings so it matches how your team works.
6
Test, then turn it onRun once against a sample, confirm the output, then enable the trigger.

More IT Ops workflows

Recurring Sensor Fault Root-Cause Investigator

On a schedule, an agent reviews recent Monday work orders and BigQuery telemetry to identify equipment with repeating faults, drafts a root-cause hypothesis with a recommended fix.

Daily Building Anomaly Digest to MS Teams

Each morning queries BigQuery for the prior day's flagged sensor anomalies, summarizes them by site and system into a ranked briefing.

Agentic Inactive-Seat Reclamation Review

An agent investigates each idle SaaS seat by correlating SSO login gaps with HR status and ticket history, classifies it as reclaim, hold, or escalate, and drafts a reasoned…

Reconcile SSO logins against expense spend to find unmanaged tools

Joins SSO usage data with expense/payment records in Snowflake to surface tools that are being used but not paid for, or paid for but never logged.

HVAC Anomaly Detection to Severity-Routed Work Orders

Ingests building HVAC telemetry via webhook, flags out-of-band temperature, pressure, or runtime readings.

Outlook Room Conflict Resolver with Approval Gate in Teams

When an Outlook room clashes, proposes a rebooking and asks the bumped meeting's organizer to approve the move in Microsoft Teams before any change is made.

Browse all IT Ops →

Run it inside a business

This workflow drops into a full company template. Import the org, and this is one of the playbooks its agents run.

E-commerce

E-commerce Operator

Listings, support, inventory, and ads — running 24/7.

Finance

Research & Trading Desk

Governance-first research, execution, and risk — every trade on the audit trail.

Operations

Internal Operations

Runbooks, on-call, vendor management — disciplined and audited.

Browse all business templates →Solutions by industry →

Run this workflow in your colony.

14-day trial. No DevOps. No Sales call. Provisioned in under a minute.

Join the Waitlist Browse all workflows →