Confirming or importing an Active Directory (AD) user to Okta fails when the email address contains leading or trailing whitespace. To resolve this issue, remove the whitespace from the email address in Active Directory and reattempt the import.
The failure occurs despite the email address appearing in the standard <user@domain.com> format. Okta generates one of the following errors:
Email should be properly formatted,
or
email field failed validation with value 'user@domain.com ': Does not match required pattern.
- Okta Identity Engine (OIE)
- Okta Classic Engine
- Directories
- Active Directory (AD)
There is a leading or trailing whitespace before or after the email address in Active Directory. Okta generates the following event in the System Log:
Create okta user
FAILURE:
Expanding the event reveals the following validation errors:
login field failed validation with value ' user@domain.com': Username must be in the form of an email address.<br/>email field failed validation with value ' user@domain.com': Does not match required pattern.<br/>
If the user already exists, Okta displays the following error:
ErrorCode: doesNotMatchPattern
How is the email format error resolved?
To resolve the email format error, remove any leading or trailing spaces from the user's email address in Active Directory and reattempt the import process as described in the video or steps below.
- Reset the user email address in Active Directory to ensure there are no spaces before or after the email address.
- Reattempt the import in Okta.
