Unable to Add a Identifier to User Profile Policy Error: "The rule could not be updated because the field email is hidden or read only and cannot be added to the form"
Jan 5, 2026
Directories
Okta Identity Engine
Overview
If the "Multiple Identifiers" feature is enabled, the Identification tab is available for each policy, and a unique attribute can be added to the user profile policy as the identifier. However, the user profile policy configuration fails with the following error message:
The rule could not be updated because the field email is hidden or read-only and cannot be added to the form
Applies To
- Okta Integration Network (OIN)
- Okta Identity Engine (OIE)
- Multiple Identifiers
Cause
If the email attribute permission is configured as read-only or hidden, the identifier cannot be added to the user profile policy.
Solution
Change the email attribute to ensure the permission is configured as read-write.
