can I use user.id in expressions? Skip to main content
https://support.okta.com/help/answers?id=906f0000000i0vvia0&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Suman HanmandlaSuman Hanmandla 

can I use user.id in expressions?

I am unable to use user.id in expressions - it throws an errors when I use the below expression for Username for an app.

user.employeeNumber!= null ? user.employeeNumber: user.id
Best Answer chosen by Niki (Okta, Inc.) 
Gabriel SrokaGabriel Sroka (Okta, Inc.)
Hi Suman
In Postman, you get a "profile" section. This is the only section you can use.

From http://developer.okta.com/docs/api/resources/users.html
 
{
  "id": "00ub0oNGTSWTBKOLGLNR",
  "status": "ACTIVE",
  "created": "2013-06-24T16:39:18.000Z",
  "activated": "2013-06-24T16:39:19.000Z",
  "statusChanged": "2013-06-24T16:39:19.000Z",
  "lastLogin": "2013-06-24T17:39:19.000Z",
  "lastUpdated": "2013-06-27T16:35:28.000Z",
  "passwordChanged": "2013-06-24T16:39:19.000Z",
  "profile": {
    "login": "isaac.brock@example.com",
    "firstName": "Isaac",
    "lastName": "Brock",
    "nickName": "issac",
    "displayName": "Isaac Brock",
    "email": "isaac.brock@example.com",
    "secondEmail": "isaac@example.org",
    "profileUrl": "http://www.example.com/profile",
    "preferredLanguage": "en-US",
    "userType": "Employee",
    "organization": "Okta",
    "title": "Director",
    "division": "R&D",
    "department": "Engineering",
    "costCenter": "10",
    "employeeNumber": "187",
    "mobilePhone": "+1-555-415-1337",
    "primaryPhone": "+1-555-514-1337",
    "streetAddress": "301 Brannan St.",
    "city": "San Francisco",
    "state": "CA",
    "zipCode": "94107",
    "countryCode": "US"
  },
//  ...

 

All Answers

Gabriel SrokaGabriel Sroka (Okta, Inc.)
Hi Suman
user.login is the built-in attribute. Is that what you mean? Or do you have a custom attribute called user.id?
Suman HanmandlaSuman Hanmandla
I believe every user in OKTA is assigned with a UID(alpha numeric code). Is there a way I can map this to an attribute in SAML and send this to a SP application?
Suman HanmandlaSuman Hanmandla
For example, when I invoke the getUser API call using Postman, one of the field that I get is  
"id": "00u60gsb7mh1Zu9d40h7",

Is there a way I can use this field either in OKTA SAML field(Custom attribute) or use this field in custom expression like user.employeeNumber!= null ? user.employeeNumber: user.id
Gabriel SrokaGabriel Sroka (Okta, Inc.)
Hi Suman
In Postman, you get a "profile" section. This is the only section you can use.

From http://developer.okta.com/docs/api/resources/users.html
 
{
  "id": "00ub0oNGTSWTBKOLGLNR",
  "status": "ACTIVE",
  "created": "2013-06-24T16:39:18.000Z",
  "activated": "2013-06-24T16:39:19.000Z",
  "statusChanged": "2013-06-24T16:39:19.000Z",
  "lastLogin": "2013-06-24T17:39:19.000Z",
  "lastUpdated": "2013-06-27T16:35:28.000Z",
  "passwordChanged": "2013-06-24T16:39:19.000Z",
  "profile": {
    "login": "isaac.brock@example.com",
    "firstName": "Isaac",
    "lastName": "Brock",
    "nickName": "issac",
    "displayName": "Isaac Brock",
    "email": "isaac.brock@example.com",
    "secondEmail": "isaac@example.org",
    "profileUrl": "http://www.example.com/profile",
    "preferredLanguage": "en-US",
    "userType": "Employee",
    "organization": "Okta",
    "title": "Director",
    "division": "R&D",
    "department": "Engineering",
    "costCenter": "10",
    "employeeNumber": "187",
    "mobilePhone": "+1-555-415-1337",
    "primaryPhone": "+1-555-514-1337",
    "streetAddress": "301 Brannan St.",
    "city": "San Francisco",
    "state": "CA",
    "zipCode": "94107",
    "countryCode": "US"
  },
//  ...

 
This was selected as the best answer
Suman HanmandlaSuman Hanmandla
I guess the question was not clear... Thank you for pasting the JSON response for User profile. If you see the "id": "00ub0oNGTSWTBKOLGLNR" - can I get this ID value using Expression Language from OKTA Admin Login in the context of an SAML application attribute? Let me know if the question is not clear.
Gabriel SrokaGabriel Sroka (Okta, Inc.)
You can only use the attributes contained in the "profile" section. In the sample JSON above, you can use login, firstName, lastName, etc. This includes both base and custom attributes from the Profile Editor. You cannot use id, status, created, etc.
Rodney CoxRodney Cox
Gabriel,
If I created a custom attribute, would wit show up in the profile section?
Gabriel SrokaGabriel Sroka (Okta, Inc.)
Hi Rodney,
Yes, custom attributes show up, too.
Suman HanmandlaSuman Hanmandla
Thanks Gabriel for the update, appreciate it