The Manager attribute syncs correctly from the on-premises Active Directory to Okta, and Okta user profiles show the correct manager.
user.managerId => getManagerUser("active_directory").email
user.manager => String.substringAfter(String.substringBefore(appuser.managerDn, ",OU"), "CN=")
In the Office365 app Profile Editor, the manager attribute is mapped to sync from Okta to Office 365 as below:
However, the Manager attribute from Okta is not synced to Office 365.
- Office365 App
- Active Directory
- ManagerID
Refer to this documentation for Office 365 provisioning supported user profile attributes.
Manager* -> The Manager attribute is supported. However, an attribute marked with a * requires Active Directory integration and must be sourced from the user's on-premises Active Directory profile.
The Office365 Manager attribute is a directoryObject attribute, which can only be updated by another attribute of type directoryObject.
user.managerId is mapped to getManagerUser("active_directory").email for AD integration mapping.
This expression returns the manager's email value, which is not of type directoryObject.
The Okta Office365 default mapping for the manager attribute should be formatted as shown below:
hasDirectoryUser()?findDirectoryUser().managerDn:null
It will check if the user has an Active Directory assignment, and if so, return their Active Directory manager DN.
If the user is an Active Directory user, then AD managerDn will be pushed to Office365.
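The difference between the two mappings, shown as an added example that is not Okta's code: the Python functions below only model the two expressions on constructed profiles and report whether each one yields a DN, a non-DN value, or null. The function names, field names, and sample users are assumptions made for illustration.

```python
import re

# Constructed sample data. "ad" is None when the user has no Active Directory assignment.
USERS = [
    {"login": "alice@example.com", "manager_email": "jane.doe@example.com",
     "ad": {"managerDn": "CN=Doe\\, Jane,OU=Staff,DC=example,DC=com"}},
    {"login": "bob@example.com", "manager_email": None, "ad": {"managerDn": None}},
    {"login": "carol@example.com", "manager_email": None, "ad": None},
]

# One RDN: attribute type, "=", then a value whose commas are backslash-escaped (RFC 4514).
_RDN = re.compile(r"[A-Za-z][A-Za-z0-9-]*=(?:\\.|[^,\\])+")

def is_dn(value):
    """True if value is a comma-separated sequence of RDNs."""
    pos = 0
    while True:
        m = _RDN.match(value, pos)
        if not m:
            return False
        pos = m.end()
        if pos == len(value):
            return True
        if value[pos] != ",":
            return False
        pos += 1

def email_mapping(user):
    """Hypothetical model of getManagerUser("active_directory").email."""
    return user["manager_email"]

def dn_mapping(user):
    """Hypothetical model of hasDirectoryUser()?findDirectoryUser().managerDn:null."""
    return user["ad"]["managerDn"] if user["ad"] else None

def audit(users, mapping):
    """Classify the value each user's Manager mapping would produce."""
    report = {}
    for u in users:
        value = mapping(u)
        if not value:
            report[u["login"]] = "null"
        elif is_dn(value):
            report[u["login"]] = "DN"
        else:
            report[u["login"]] = "not a DN"
    return report

if __name__ == "__main__":
    print(audit(USERS, email_mapping))
    print(audit(USERS, dn_mapping))
```

Users reported as "null" under the DN mapping are those with no AD assignment or no manager set in AD, so no manager value is sent for them.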
- Go to Directory > Profile Editor, search for the Office365 app, and click on Mappings.
- In the Okta User to Microsoft Office365 tab, search for the attribute: Manager, and use the following mapping:
hasDirectoryUser()?findDirectoryUser().managerDn:null => Manager
- Click on Save Mappings and Apply updates now, then check a user profile in the Office365 Azure portal to confirm that the Manager attribute has the correct value.
NOTE: If multiple Active Directory (AD) instances are connected to Okta and the preceding steps have not resolved the issue, an additional Okta feature may need to be enabled. This ensures that the active Office 365 Appuser's immutable ID is correctly linked to their corresponding Azure/Entra userID. Please open a support case with Okta's support team.
