IsaacB.81593 (Customer)
Hi:
I'm looking at leveraging Linked Objects for manager functionality. I followed the doc below, successfully.
As documented, a separate section shows up on the Profile page with a manager picker. But the base "manager" attribute is still editable. Is there a way to combine these, so that I do not need to advise admins to use the linked object manager instead of the base?
Thanks,
DiptiK.91264 (Product Management, Directories)
Hi Everyone! Contains search is here! This highly requested feature is now available in production! Check out this blog to learn more!
User16370330549592969269 (Customer Support Online Experience)
Through the Okta Ideas program, we collaborate with our customers and partners to turn feedback into innovative solutions. Your input drives new features across Access Management, Okta Identity Governance, and more.
Hear from happy customers who’ve seen their ideas come to life, and learn how the Ideas lifecycle ensures your voice is heard.
We want to hear from you! Participate in our survey by Feb 1, 2025, and help us improve. Share your thoughts and get a chance to win Okta swag! Learn more and share your ideas.
af5cs (af5cs)
Hello All,
I have a question regarding integrating AD and M365 with windows in a HAADJ scenario.
Currently in my test environment(replicating production), We have the below setup.
AD domain uses domain contoso.com, Contoso.com not verified in M365, Users use contoso.com user to login to their devices.
M365 apps use Fabrikam.com so users login using their username based on AD account to get access to M365 resources using the domain fabrikam.com i.e. no upn matching between M365 and AD.
Currently we need the users logged in to the devices to retrieve AzureADPRT and EnterprisePRT so that they have access to cloud resources and that normally happens if there is UPN matching between onpremise and cloud.
However I am trying to find a way through mappings, etc.... so that onprem user without upn matching can be given primary refresh token from Azure/Enterprise to have access to cloud resources such as HAADJ (Hybrid Entra) joined devices.
Would appreciate any guidance here. Thank you
Hi @af5cs (af5cs) , Thank you for reaching out to the Okta Community!
I'm not familiar with this type of implementation, so I'm going to leave this question open to the Community if anyone here has additional insight, but if it enough to just assign the on-prem users to the M365 app with certain values, you could achieve this with customer attribute mappings as long as the users will be conscious of the fact that they will have different values for the emails as opposed to the username for example.
You could leverage the Okta Expression Language to set up the M365 application username to account for contoso.com users and send them into the downstream app with fabrikam.com values.
Similar to what is being discussed here: https://support.okta.com/help/s/question/0D50Z00008G7V2MSAV/custom-username?language=en_US
https://help.okta.com/en-us/content/topics/users-groups-profiles/usgp-override-app-username.htm
Here are some additional Hybrid configuration documentation, although I don't think they discuss this particular use case.
https://www.okta.com/resources/whitepaper/using-okta-for-hybrid-microsoft-aad-join/
https://help.okta.com/en-us/content/topics/provisioning/azure/haad-join/configure-hybrid-join.htm
https://help.okta.com/en-us/content/topics/apps/office365/hybrid-aad-joined-devices-support.htm
Regards.
RajaR.78546 (Customer)
Hi Team,
Can we have REST API for accessing UD? if yes someone please share me the API access link would be greatful.
Hello @RajaR.78546 (Customer) Thank you for posting on our Community page!
Please find below our API collections for everything Okta has to offer:
https://developer.okta.com/docs/reference/core-okta-api/
Thank you for reaching out to our Community and have a great day!
--
Help others in the community by liking or hitting Select as Best if this response helped you.
We use cookies to provide the best website experience and to help understand marketing efforts. We may also share data with ad partners to reach potential customers across the web. To learn more, visit our Privacy Policy. Click here for Your Privacy Choices. You may also opt out of this sharing by signaling your preference via GPC, applicable only to the browser signaling the opt-out.
More information
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Select All
We use cookies to provide the best website experience and to help understand marketing efforts. We may also share data with ad partners to reach potential customers across the web. To learn more, visit our Privacy Policy. Click here for Your Privacy Choices. You may also opt out of this sharing by signaling your preference via GPC, applicable only to the browser signaling the opt-out.
More information
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Select All
Hello @IsaacB.81593 (Customer) Thank you for posting on our Community page!
At this time this can not be done, you will have to manually change that.
However you can add a Feature Request on our Idea section, for a chance that this functionality to be added in the future.
https://support.okta.com/help/s/ideas
Thank you for reaching out to our Community and have a great day!
--
Help others in the community by liking or hitting Select as Best if this response helped you.
Just released: More Okta Community badges just added.