Sometimes, it is necessary for a company to change the profile source for users as it evolves in time, so profile source switches will occur between profile sources. This process should be taken in steps, as it has the potential to make drastic changes in user environments and lock out users from their applications and data. It is advised to make the transition gradually and supervised. If specialized help is required, we have our dedicated Professional Services team, which can assist with the transition and provide a fast resolution of the issue and logistics of the transition. More information about the Professional Services team can be found by discussing the issue with the Account Executive assigned to the account.

• Active Directory
• BambooHR
• Workday
• SuccessFactors
• Profile Source
• Okta Universal Directory

To safely remove an application as the profile master in Okta, follow these steps:

1. Identify a test user

Choose a single user account that can be used for testing the impact of removing the profile master. This user should ideally be non-critical to daily operations.

2. Test for a single user (recommended)

   1. Remove the application assignment from the test user.
      • In Okta, navigate to the test user's profile. Go to the Applications tab and remove the assignment of the application that is currently the profile master for this user.
   2. Observe the attribute changes.

After removing the assignment, carefully examine the test user's Okta profile. Note any changes to the attributes that were previously mastered by the application. This step helps identify which attributes will be affected when the application is no longer the profile master.

3. Gradually modify Attribute Level Mastering (ALM) with Override Profile Master (if multiple profile masters exist)
   1. Navigate to Okta Admin Console > Directory > Profile Editor.                                                                   
         
   2. Find and select the Okta User Profile.
       
   3. Review the attribute mastering. For each attribute currently mastered by the application that should be removed, click the blue button, check Source priority, and select Inherit from Okta.
   4. Then, click Save Attribute.

4. Verify User Attributes in Okta

Before disconnecting the application, ensure that all necessary user attribute values are present and correct in the Okta User Profile. This includes all data that was previously synchronized from the application. Any missing or incorrect attributes will need to be addressed after the application is disconnected.

5. Disable scheduled imports

If the application has any scheduled imports into Okta, set the import schedule to Manual or Never Import. This will prevent any further automatic updates from the application during the disconnection process.

6. Disable Profile Mastering

Remove the application as the profile master in Okta.

7. Review and Update Attribute Mappings

In the Okta Profile Editor, review the attribute mappings and adjust them as necessary to ensure user profiles in Okta continue to be updated correctly after the application is disconnected. This may involve mapping attributes to different sources or setting default values.

8. Post-disconnection of Attribute Management

• • If any attributes are incorrect or missing in Okta after removing the application, update them manually. Options include:
    • Individual user profile updates in the Okta Admin Console.
    • Bulk updates using a CSV import.

9. Testing (Strongly Recommended)

It is strongly recommended that these steps be performed in a non-production (test) environment first. This will allow verifying the process and identifying any potential issues before making changes in the production Okta environment, minimizing the risk of data loss or disruption.