Just-in-Time (JIT) provisioning from an external Identity Provider (IdP) does not update user attributes. This occurs even when the profile sourcing and profile mappings are configured correctly for the external IdP. JIT provisioning functions as expected when creating a new user from the IdP.

• JIT Provisioning
• Inbound SAML
• Org2Org
• Attribute Level Sourcing

Attribute-level sourcing is incorrectly configured.

1. In the Okta Admin Console, go to Directory > Profile Editor.
2. Click Okta User (default) to edit the Okta profile.
3. Click the i button (for a predefined attribute) or the pencil icon (for a custom attribute) next to the attribute that needs to be updated via JIT provisioning from the inbound IdP.
4. In the Source priority field dropdown, select Override profile source.
5. In the Add source dropdown, select the name of the inbound IdP.
     
   NOTE: Multiple profile sources can be added using the dropdown. Priorities can be defined by dragging and dropping the sources as needed if there are multiple sources for the attribute.

Related References

• What is Profile Sourcing
• Attribute Level Mastering / Attribute Level Sourcing