Updating an Okta user profile while it is in a deactivated state does not trigger an entry in the Okta System Log.
- User Lifecycle Management (LCM)
- Universal Directory (UD)
- User Profile Updates
- Okta System Logs
The default Okta Universal Directory (UD) behavior is to prevent updates to Users in the deactivated/INACTIVE status, and so update events to the Okta User profile are recorded in the System Log.
When an admin enables the Allow updates to deactivated users feature, it allows updates to Okta User profiles while keeping the profiles in the deactivated state.
As part of mitigations to avoid undesired actions, provisioning, or other automations on deactivated Okta User profiles, update events while the User is in the deactivated status are not recorded in the Okta System Logs. This means the UD profile update event, such as user.account.update_profile are not entered into the System Log by design.
This is the designed behavior when Allow updates to deactivated users is enabled. This feature may only be enabled or disabled by a Super Admin.
In order to revert to allowing updates to deactivated Okta User Profiles:
- Navigate in the Okta Admin console to Directory > People.
- Click More Actions.
- Choose Stop updates to deactivated users.
With this feature disabled, the default UD behavior will take effect and prevent updates to deactivated Okta User profiles. The default behavior will require updates to the User profile before deactivation. For User profiles that are already deactivated, the profile must be reactivated before changes can be made.
Feature and enhancement requests can be raised on Okta Ideas or voting and commenting on existing Ideas, such as: Okta idea 216488.
