<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Trying to Update the "secondaryEmail" Attribute with a Null Value via API returns "API Validation Failed: secondEmail"
Jul 5, 2024
Lifecycle Management
Okta Classic Engine
Okta Identity Engine
Overview

Updating the secondaryEmail attribute with a null value via API returns an API validation failed error.

Running the following API command: 

POST {{url}}/api/v1/users/{{userdID}}
{
  "profile": {
    "secondEmail":" "
  }
}

returns the following response:

{
    "errorCode": "E0000001",
    "errorSummary": "Api validation failed: secondEmail",
    "errorLink": "E0000001",
    "errorId": "oae11QA7uorQ5mcR_xiTWGTqQ",
    "errorCauses": [
        {
            "errorSummary": "secondEmail: Does not match required pattern"
        }
    ]
}

 

Applies To
  • Universal Directory
  • Okta API
Cause

Okta email addresses do not support updates with character values other than those found in the RFC 3696 specification published by the IETF

Solution

The API request should be populated with a null value: 

POST {{url}}/api/v1/users/{{userdID}} 
{
  "profile": {
    "secondEmail": null
  }
}



The following restrictions apply to all Okta email addresses: 

  1. Consistent with Section 3 of the RFC 3696 specification published by the IETF, Okta email addresses support the following characters:

  • Standard English alphabet

  • A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

  • a b c d e f g h i j k l m n o p q r s t u v w x y z

  • Special characters

  • ! # $ % & ' * + - / = ? ^ _ ` . { | } ~

  • 0, 1, 2, 3, 4, 5, 6, 7, 8, 9

  • Except for the characters ' ` ~ shown above, no diacritical marks are supported in Okta email addresses.

NOTE: The period character (.) may not be used to start or end the part of an email address that precedes the @ symbol (known as the "local"part), nor can two or more periods be used consecutively. For example:

  1. Supported:

  1. Not supported:
  1. Unicode characters:

Unicode characters are supported in user names. There is a known issue with supporting unicode in primary or secondary emails.

  1. Other requirements or restrictions

  • The email address must contain an @ symbol.

  • Email top-level domains (the 'com' portion of the email address) must have a minimum length of 2 characters and a maximum length of 20 characters.

  • 4-byte UTF8 characters are not supported in user names or email addresses.

The following ranges of unicode characters are not supported in workflows that involve integrations with Active Directory or LDAP, for example, Delegated Authentication, all provisioning events, admin password reset, and import.

  • U+0000–U+001F

  • U+0080–U+009F


 


 

Recommended content

Still looking for help?
Loading
Trying to Update the "secondaryEmail" Attribute with a Null Value via API returns "API Validation Failed: secondEmail"