When using a custom expression language for the Application username format in the Okta Integration Network (OIN) Calendly application, provisioning issues can occur. This is often due to a mismatch between how Okta is configured to send user information and what the Calendly System for Cross-domain Identity Management (SCIM) API expects.

• Okta Identity Engine (OIE)
• Okta Integration Network (OIN)
• Provisioning
• Lifecycle Management

The Calendly SCIM API uses the userName attribute to identify users, which must be their primary email address. A common cause for this issue is a misconfiguration in Okta where the Unique identifier field for users is not set to userName, or the Application username format in the Sign On tab is not set to Email, leading to a provisioning failure.

To resolve this issue, configure a Custom SAML 2.0 SCIM On Cloud for Calendly instead of the OIN application. Once this is configured, follow these steps to ensure consistency between Okta and Calendly:

1. In the Okta application's Provisioning tab, navigate to Settings > Integration. For the Unique identifier field for users, enter userName. This ensures Okta uses the correct field when communicating with Calendly via SCIM.
2. In the Okta application's Sign On tab, ensure the Application username format is set to Email to maintain consistency and a proper user identifier.

Related References

• How to configure Okta SAML SSO
• How to set up SCIM with your identity provider