<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Expected Behavior of "Assign a Delegate" User Selection Field
Nov 3, 2025
Okta Classic Engine
Identity Governance
Okta Identity Engine
Overview

The purpose of this article is to describe the expected behavior when attempting to locate a user while leveraging the Assign to delegate feature located on the Delegate tab under Directory > People > Okta User.

Delegate tab

Applies To
  • Okta Identity Governance
  • Adding a delegate
Cause

When attempting to locate a user by using the Assign a delegate that contains a non-standard firstName or lastName structure, the user may not be found.

Solution

When typing into the Assign a delegate field, an API call will be made to the Okta /users API endpoint with the search parameter. The search can return up to 200 matching records, populating the drop-down menu. The structure of the search is dependent on the character types entered into the field.

The Assign a delegate search field requires exactly three characters for the initial search for the user to occur. Once three characters are typed in, the API call to the /Users endpoint will be made with the following conditions:

(profile.firstName sw "john" OR profile.lastName sw "john") AND ((status lt "SUSPENDED" or status gt "SUSPENDED") AND (status lt "DEPROVISIONED" or status gt "DEPROVISIONED"))
  • The user does not have a status of SUSPENDED or DEPROVISIONED.
  • The firstName or lastName user attribute starts with the value typed in.

If a space is included in the typed string of text, the behavior of the search will change to treat the second typed-in character after the space as a lastName.

(profile.firstName sw "john" AND profile.lastName sw "doe") AND ((status lt "SUSPENDED" or status gt "SUSPENDED") AND (status lt "DEPROVISIONED" or status gt "DEPROVISIONED"))
  • The user does not have a status of SUSPEND or DEPROVISIONED.
  • The firstName attribute starts with the first characters typed in before the space, and the lastName attribute starts with the characters typed in after the space.

Some names are unsearchable. Below are some examples of firstName of "john" with/without spaces and lastName of "doe" with/without spaces:

  • j ohn d oe  > not searchable.
  • john d oe  > searchable with "john" for firstName and lastName match, reliable as long as there are less than 200 results.
  • jo hn d oe >  searchable with firstName of "jo "  jo space.
  • j ohn doe  >  searchable with lastName of "doe".
  • j ohn do e >  not searchable.

Recommended content

Still looking for help?
Loading
Expected Behavior of "Assign a Delegate" User Selection Field