Evaluation of Group Membership rules Skip to main content
https://support.okta.com/help/answers?id=9062a000000xzuzqaw&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Ketan SolankiKetan Solanki 

Evaluation of Group Membership rules

Our understanding is that when group membership rules are created and activated, Okta performs the evaluation check and assign memberships. But we do not see that happening in our org. How do we make Okta to evaluate rule conditions and assign memberships to Okta groups.
Adam LoweAdam Lowe (Okta, Inc.)
Evluation of the rull will occur at the time the rule is created or modified.  There is no schedule they run on, and there is no explicit button you can click to trigger it to occur.  Rather, the rule will be evaluated based on triggers.  So for example, if you have a rule to add a user to a group based on an attribute for the user, having that user update that attribute would be one of the triggers that cause the evaluation of the group rule to occur.

We would need more information to determine the source of the issue with your particular case, so you may wish to open a case with Okta Support.

For example:  If you're not getting the desired results, it may be an issue with the rule you've created.  If you're not getting the desired results right away, it could be the job evaluating your group rule is still running.  Dependong on how many users you have, this could take several minutes, as opposed to immeidately or within seconds.

Linked below is documentation on Groups, and you'll find a section on group rules:
https://help.okta.com/en/prod/Content/Topics/Directory/Directory_Groups.htm
Ketan SolankiKetan Solanki
It is not an issue with rules because any new user created/updated satisfying rule condition are being added fine. It is just the existing users that are not being added to group. Existing user do satisfy the condition because we verified that in rule Preview.