<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base

Okta Expression Language using isMemberOfGroup or isMemberOfGroupName Does Not Trigger Mapping Updates

Last Updated:

Lifecycle Management
Okta Classic Engine
Okta Identity Engine

Overview

Universal Directory (UD) mappings using Okta Expression Language group functions, such as isMemberOfGroup or isMemberOfGroupName do not trigger UD mapping updates.

Applies To

  • Universal Directory (UD) mappings
  • Okta Expression Language (OEL)

Cause

Okta Expression Language group membership functions are currently not integrated to trigger UD mapping updates.

This means that the profile attributes in the AppUser profiles are not updated or reapplied when the user's group membership changes.

Solution

Since the isMemberOfGroup or isMemberOfGroupName functions in UD mappings do not trigger profile updates, it is recommended to use Group Rules instead to manage user profile updates when group memberships are changed/updated.

Alternately, if the attribute type in the application is a Group type and not Personal, the value may be set in the Group App Assignment and by assigning the attribute by group priority.

Related References

Recommended content

Still looking for help?
Loading
Okta Support - Okta Expression Language using isMemberOfGroup or isMemberOfGroupName Does Not Trigger Mapping Updates