Unable to send userid in "Application username" attribute Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Raja ShravanRaja Shravan 

Unable to send userid in "Application username" attribute

1. I was trying to send userid in "Application username" attribute but seeing my email address instead of userid the saml tracer. Is there a way to send userid in "Application username" attribute?

2. I have tried adding the same variable as in additional attribute field and able to see userid being sent successful.

The only difference between 1 and 2 is setting "Application username" to custom and variable name remains the same in 1 and 2.

<saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">seeing my email id instead of userid</saml2:NameID>

<saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string" >seeing my userid with no issue</saml2:AttributeValue>

Thank you.
Josh SkeenJosh Skeen (Okta)
Hi Raja,

The recommended way to set up an application username format in a scenario like this is to actually use the Profile Editor to set the username format.

To do this, follow the below steps:
  1. Go to Okta Admin -> Directory -> Profile Editor
  2. Locate the app that you would like to set the username format of
  3. When you find that app in the Profile Editor list, click "Mappings"
  4. Once the new window with your mappings appears, make sure to click the "Okta to APP" tab at the top of the window - the page defaults to "APP to Okta".
  5. On the "Okta to APP" page you will likely see something that says "Username is set by APP - Override with mapping." You will want to click on this. Doing so brings up a box where we can then enter custom expressions for your username format.
  6. Here you will want to enter in the correct attribute that you want to pass over for your username. For instance, if you want to use your Okta login, you could put "user.login" (without quotes). Email would be user.email, and so on. You can also use a custom expression if you prefer. There is a good list of expressions here: https://developer.okta.com/reference/okta_expression_language/index
  7. After you set your username format, place a username in the "Preview" box in the bottom of the window to verify that the new mapping looks as you want.
  8. Once this is confirmed, click "Save Mappings" and then immediately after, click "Apply Updates Now" if you would like to immediately re-evaluate usernames for your users. After doing this, the username should send as you want.
This is actually the preferred way to set up a username format for an app like this, and in the future our SAML apps will be more closely tied to Universal Directory for username settings.

Thank you,

Josh Skeen
Technical Support Engineer