When provisioning an Okta user to Lucidchart, an external ID conflict error occurs if a duplicate record exists in the service provider. Resolving this issue requires contacting Lucidchart support to clear the duplicate record before retrying the provisioning task. The following error occurs during provisioning:

Conflict. Errors reported by remote server: Error for user username@example.com: The externalId LogSafeString(<oktauserId>) is already in use by another user

NOTE: <oktauserId> represents the ID for the Okta user profile.

• Okta Identity Engine (OIE)
• Okta Classic Engine
• Okta Integration Network (OIN)
• User Provisioning
• Lucidchart

This error occurs when Okta provisions the same user back to Lucidchart at a later date, and a duplicate record remains in the service. The username that Okta provisions returns a 404 error in the API because it no longer exists in Lucidchart, even though another record tied to the same Okta user ID still exists. Lucidchart represents the Okta user ID as the external ID. Okta similarly represents the ID created in the service provider as the AppUser External ID.

How is the external ID conflict resolved?

Resolve the external ID conflict by contacting Lucidchart support to clear the duplicate record, identifying the request timing in the System Log, and retrying the provisioning task in the Okta Admin Console.

1. Contact Lucidchart support to clear the duplicate record from the service provider side.
2. Locate the timing of the requests by using the following Okta System Log search expression:

   target.displayName eq "Lucidchart" and target.type eq "AppInstance" and outcome.reason sw "Conflict"

3. Retry the provisioning task from the Okta Admin Console after Lucidchart support clears the duplicate record. How to Retry Failed Tasks for a Specific Application.

Related References

• How to Retry Failed Tasks for a Specific Application