Update Okta User's Primary Email Skip to main content
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Tiffany LTiffany L 

Update Okta User's Primary Email

Is there a way to update a user's primary email address? Our environment is mastered by AD and a user had an alias entered as his AD email instead of his official email. We've corrected and re-imported into Okta, however the correct email is now listed as the user's secondary email and the original alias is still listed as the primary.

Is there a way to correct this?
Darron HellmannDarron Hellmann (Okta)
Hi Tiffany

Thanks for the community participation. Updating the primary email address from an Active Directory mastered user needs to be performed in Active Directory and pushed to Okta. Is the user's primary email address listed under the "E-mail" field in Active Directory? If you'd prefer more acute attention to this issue, please submit a support ticket and we'd be happy to assist you.
Tiffany LTiffany L
Yes - I updated the email address in the AD email address field (double checked and the old email is nowhere in AD), then imported to Okta, but Okta applied the corrected email address to the secondary email address field. I just posted in community in case other people had questions about updating AD mastered information.
Krishnan VenkatramanKrishnan Venkatraman (Okta, Inc.)

If you updated your email address properly in AD. it should update Okta primary email address value. I would check two things.

1) Check the directory profile mappings. May be there is something missing. Go to admin console under directories- directory integrations. Click on the active directory you want to manage . Under settings go all the way to the bottom where you can manage profile attributes. Click on edit mappings and check the email mapping. It should be "appuser.email != null ? appuser.email : appuser.userName". 
2) Also make sure to check whether AD is a profile master. You can check this under AD settings page itself. profile master should be checked.

Bethlehem (Admin) YosephBethlehem (Admin) Yoseph
I am experiencing the same issue.  After the Primary email was updated in AD, the change did not take effect after the next sync.  I had to disconnect the user, wait for the sync and had to reconfirm him for the updated primary email address to display.