<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
The Okta User Profile and Application User Profile
Sep 9, 2025
Lifecycle Management
Overview

Okta defines users in the Universal Directory using two primary User Profile types:

  • Okta user profile type
  • App user profile type

The Okta User Profile is further divided into two types: Group Profile types and Custom Profile types.

Applies To
  • Okta User Profile
  • Application User Profile
  • Universal Directory
  • Lifecycle Management
Solution

In this short video, learn about the Okta User Profile and Application User Profile.

 

 

Okta User Profile type

The Okta User Profile type defines the default user record used in the Universal Directory. The default user profile contains 31 attributes in accordance with the RFC System for Cross-Domain Identity Management: Core Schema (opens a new window) and can also be extended with custom attributes.

 

The only base attributes that can be modified or removed are First Name and Last Name. Mark these attributes as required or optional for Okta-sourced users. To import users with empty First Name and Last Name attributes, these attributes must be marked as optional in Okta, or the import fails.

 

The default format for the Username attribute is an email address. Use the Format Restriction control to change the default format or replace it with a specific set of allowable characters.

 

Custom user attributes can be added to define additional user settings. When creating custom attributes, it is not allowed to use these reserved keywords: "id", "profile", "status", "transitioningtostatus", "created", "activated", "statuschanged", "lastlogin", "lastupdated", "passwordchanged", "type", "realm", "realmId", "password", "credentials", "_links", "_embedded", "class", "classloader".


App User Profile type

An App User Profile lists the app attributes that Okta can read and write to (read-only for identity providers). An app profile controls the attributes that Okta pushes to an app or imports from an app.

 

The App User Profile type defines the attributes available for a user of that application in the Universal Directory. The app user profile attributes are mapped to the user profile and determine the data that can be sent to or imported from an app. Similar to user profiles, the app user profile has base attributes and custom attributes. The available custom attributes, however, are determined by the application. Manage the app user profile type with the Apps API. Review the Application User Profile object and the Application User object for further details.

 

Like user profiles, app profiles have both base attributes and custom attributes. App User Profiles can only be extended with attributes from a predefined list that Okta dynamically generates. Okta generates the list of attributes by querying the third-party application or directory for supported attributes. Each app controls which custom attributes it supports. The Okta profile can only be customized with attributes that the app supports. It is not possible to create a custom attribute for an app.
 

Related References

Recommended content

Still looking for help?
Loading
The Okta User Profile and Application User Profile