When implementing Multiple Identifiers, some optional attributes cannot be deleted from the Form Input even when they are set to “read-write.” The following error is encountered:

An attribute is configured with a Read Only or Hide permission level

• Multiple Identifiers
• Okta Identity Engine (OIE)

This issue can be encountered when an application is dependent on an attribute.

To resolve this issue:

1. Identify the app(s) using the problematic attributes from the error message.
2. Choose one of the following options:
   1. Unmap the attribute.
   2. Remap the attribute as Apply Mapping on create only.  
      1. Navigate to Directory > Profile Editor > Apps > select Mappings > locate the attribute and set it to Apply Mapping on create only.
      2. Then, in the profile editor (Directory > Profile Editor > User(Default)), click on the pencil icon adjacent to the attribute and then set the User Permission to Read-Write.  
3. After making the required attribute changes, add or remove any attributes as unique identifiers.
   • Navigate to Security > User Profile Policies > click on the pencil icon adjacent to the policy that should be edited > Identification tab.
4. Then, add or remove attributes on the Form Input (as required). 
   • Navigate to Security > User Profile Policies > click on the pencil icon adjacent to the policy that should be edited > select Enrollment and scroll down to Form Input.
5. Revert attributes set in step 2.b to read-only as necessary.