Ramanan Hariharan

Login to Okta using email address and LDAP UID


We have our Okta environment set up to use email address as username. This is done in "Okta username format" in the Import Settings of the LDAP directory integration; we have set it to email address.

So today, when I try to log in to Okta using username and password, it works even when I enter the LDAP UID, without @abc.com.
For example: email - name@abc.com,
but if I enter name (LDAP UID) as the username and the LDAP password as the password, it still works.

Please let me know if this is expected behavior, and if so, why?
If not, would you be able to tell me how I can get rid of this behavior?
Kevin Turner (Okta, Inc.)
Yes, this could be the case, provided there is no name clash.

For example, if there was a user called clive.dunn@company.com and a user called clive.dunn@anothercompany.com, then each user would have to use the full name and suffix.

If, however, there is only one user clive.dunn@company.com, then he would only need to type clive.dunn.

Ramanan Hariharan
Thanks Kevin, 

Am I right in assuming that our Okta authenticates against the email attribute from LDAP? Since this setup was done by one of our co-workers who is no longer with the firm, I want to know where I should look in Okta to determine which attribute in LDAP our Okta authenticates against.
Theo Chimbga
Hi Ramanan,
To add to Kevin’s response, once Okta locates the right user in the Universal Directory, it knows which user account it corresponds to in LDAP as each has a unique distinguished name. So Okta checks using delegated authentication to confirm that the password entered by the user on logon matches the one on the LDAP account.
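
The lookup described in the two answers above, modelled as an added example (it is not part of the thread and is not Okta's implementation). The directory contents, the distinguished names and the function names are constructed for illustration; the report function is an audit helper an administrator could adapt to see which short names would be accepted on their own.

```python
from collections import defaultdict

# Constructed sample directory: Okta login -> LDAP distinguished name.
DIRECTORY = {
    "clive.dunn@company.com": "uid=clive.dunn,ou=people,dc=company,dc=com",
    "clive.dunn@anothercompany.com": "uid=clive.dunn,ou=people,dc=anothercompany,dc=com",
    "name@abc.com": "uid=name,ou=people,dc=abc,dc=com",
}

def short_name(login):
    """Part of the login before the '@' suffix."""
    return login.split("@", 1)[0]

def resolve(identifier, directory=DIRECTORY):
    """Return the single login the identifier maps to, or None.

    A full login matches itself; a short name matches only when exactly
    one login in the directory has that prefix (no name clash).
    """
    if identifier in directory:
        return identifier
    matches = [login for login in directory if short_name(login) == identifier]
    return matches[0] if len(matches) == 1 else None

def delegated_dn(identifier, directory=DIRECTORY):
    """DN whose password delegated authentication would check (model only)."""
    login = resolve(identifier, directory)
    return directory[login] if login else None

def short_name_report(directory=DIRECTORY):
    """Map each short name to the logins sharing it, for an audit."""
    groups = defaultdict(list)
    for login in directory:
        groups[short_name(login)].append(login)
    return {name: sorted(logins) for name, logins in groups.items()}

if __name__ == "__main__":
    for name, logins in sorted(short_name_report().items()):
        status = "accepted alone" if len(logins) == 1 else "needs full login"
        print(f"{name}: {status} -> {logins}")
```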


Ramanan Hariharan
Thanks Theo. 

To add onto your answer, how does Okta locate the right user? Is it something we do during initial setup? If so, would it be possible for me to look it up?
For example: I could see that in the import config settings in LDAP there is a tab which is about passwords; similarly, I do not find anything about username.
I am trying to figure out what makes Okta determine whether the user should enter the email address or the LDAP user ID when they log in to Okta.