LDAP Import Error 400 Bad Request
Mar 3, 2026
Okta Classic Engine
Directories
Okta Identity Engine
Overview
Imports from LDAP are failing. The following error can be found in the LDAP agent logs:
Error while posting data back to Okta=HTTP/1.1 400 Bad Request
Applies To
- Directories
- LDAP
- Imports
Cause
Unsupported characters exist in the data being imported from the LDAP database.
Solution
Okta supports a subset of the UTF-8 specification character set that can be encoded in three bytes or fewer. Basic Multilingual Plane (BMP) or supplementary characters that must be encoded using four bytes are not supported.
- Enable verbose logging on the LDAP Agent using the instructions in Locate the Okta LDAP agent log.
- In the verbose logs, look at the data in the blob that Okta received before the POST that caused the error on the
scanDataendpoint to search for illegal characters.- For example, run a regular expression (regex) search in a Notepad++ document containing that data segment to find all non-UTF-8 characters.
[\x00-\x08\x0B\x0C\x0E-\x1F\x7F-\x9F]
- For example, run a regular expression (regex) search in a Notepad++ document containing that data segment to find all non-UTF-8 characters.
