Custom exppression Skip to main content
https://support.okta.com/help/answers?id=9062a000000bmcsqaq&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Nidhin C KNidhin C K 

Custom exppression

Hi Experts,

For ServiceNow SSO integration, we have selected "AD SAM account name" as the application username format for login to ServiceNow application. But we do have some external customers who is not present in AD but present in Okta, and we would like to use Employee Number for them to login insted of samAccountName.

So i need to create a custom expression such a way that if user does not have a "AD SAM account name" the it should use employeenumber for authentication.

But i could not even try to pull the user samAccountName using custom attribute

For eg:- when i try to preview this exppression, i get error message as "Property user.samAccountName not found"
${user.samAccountName}

 
Best Answer chosen by Nidhin C K
Patrick WilcoxPatrick Wilcox (Okta, Inc.)
The custom option in the dropdown for App Username on the Sign On tab of an application only allows for customization of the 4 main attributes: first name, last name, email, and Okta username.  I would recommend setting the app username using Universal Directory using an expression like: user.sAMAccountName != null ? user.sAMAccountName : user.employeeNumber

All Answers

Patrick WilcoxPatrick Wilcox (Okta, Inc.)
The custom option in the dropdown for App Username on the Sign On tab of an application only allows for customization of the 4 main attributes: first name, last name, email, and Okta username.  I would recommend setting the app username using Universal Directory using an expression like: user.sAMAccountName != null ? user.sAMAccountName : user.employeeNumber
This was selected as the best answer
Nidhin C KNidhin C K
Thanks Patrick! I just used below custom expression in Profile editor.
hasDirectoryUser()?findDirectoryUser().samAccountName:user.employeeNumber