Genesys Cloud provisioning flow fails with the following error visible in the Okta dashboard:
Automatic provisioning of user <username> to app Genesys Cloud failed: Error while creating user <username>: Forbidden. Errors reported by remote server: You must have at least one of the following permissions assigned: [directory:user:add]. Divisions are enabled for org which required permission to match the users assigned division.; contextId:[ <contextId> ]
- Genesys Cloud
- Provisioning
- Okta Integration Network
This error is generated because the Genesys Cloud OAuth client on the Genesys side does not have a division that is manageable with SCIM (that is, a division set in the affected user's app user profile).
-
Refer to Genesys Documentation to Create an OAuth client. At the Genesys Cloud side, navigate to Admin > Integrations > OAuth > select the OAuth client > Roles tab, and verify if the role has the division managed with SCIM.
- Afterward, attempt the failed tasks again. Navigate to Dashboard > Tasks. Any failed assignments should appear under Tasks.
- After locating the failed task for the user that should be retried, click on Retry Selected.
