User(s) cannot log into Okta unlessing using their UPN Skip to main content
https://support.okta.com/help/answers?id=906f0000000hzwfiac&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Lia ChaLia Cha 

User(s) cannot log into Okta unlessing using their UPN

As stated in the title, I have a user who suddenly cannot log into their Okta account unless we have him use his UPN. Has anyone ever seen this before? 

Looked at the logs and doesnt appear to be any odd error messages other than "bad username and/or password". I've done several password resets and the only time I'm able to get in is when we type out the UPN as the username.
api-workday api-workdayapi-workday api-workday
Hi Lia,

This occurs when the lefthand portion of a username is no longer unique within the org.

Okta has a default ambiguous name resolution policy for logins. Users can login with their non-qualified shortname (e.g. isaac.brock with loginisaac.brock@example.com) as long as the shortname is still unique within the organization.

for a variety of reasons i cannot gaurantee uniquenss of the short username within my org and the instruction to my users has been to always login with the fully qualified username (UPN).

I've also added a little hint to assist with this in Settings->Customization i've modified the username info tip to state username@ourdomain.tld to help remind my users to provide their UPN.

Hope that helps,
-Matt
 
Lia ChaLia Cha
Hi Matt,

That makes sense. I was actually looking at that too I just found it weird when i typed in the user's username in okta admin that two names came up but one was under a random domain. Thanks a lot though. I'll try to resolve this on my end.