Secure Assertion Markup Language (SAML) assertion from external IdP does not update attribute(s) even when the "Updates attributes for existing user" under JIT configuration and profile mapping is done correctly for the external IdP.

• External Secure Assertion Markup Language (SAML) IdP

If the SAML assertion from the external IdP does not update the user profile attributes, please verify the below:

The Identity Provider

1. In the Okta admin dashboard, go to Security > Identity Providers and select IdP.
2. Click Actions and Configure Identity Provider.
3. Under General Settings, click Edit.
4. Under JIT Setting, make sure to have Update attributes for existing users selected.

The IdP Mapping

1. In the Okta admin dashboard, go to Security > Identity Providers and select IdP.
2. Click Actions and Edit Profile and Mappings.
3. Click on Mappings > Configure User mappings
4. Check on Preview to make sure the mapping is correct.
    

The profile source priority

In the Okta admin dashboard, under Directory > Profile Editor > Okta User (default) > Profile source priority > Update profile sources configuration and put the IdP at the one with priority if it is not already.


If none of these fixes the situation, contact Okta support for assistance.