<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008C3jYsSAJOkta Classic EngineOkta Integration NetworkAnswered2025-12-04T09:00:20.000Z2016-07-26T17:39:45.000Z2020-12-22T10:59:21.000Z

  • gabriel.sroka1.4374539321839353E12 (Okta, Inc.)

    Hi Suman

    In Postman, you get a "profile" section. This is the only section you can use.

     

    From http://developer.okta.com/docs/api/resources/users.html

      
    1.  {  "id": "00ub0oNGTSWTBKOLGLNR",  "status": "ACTIVE",  "created": "2013-06-24T16:39:18.000Z",  "activated": "2013-06-24T16:39:19.000Z",  "statusChanged": "2013-06-24T16:39:19.000Z",  "lastLogin": "2013-06-24T17:39:19.000Z",  "lastUpdated": "2013-06-27T16:35:28.000Z",  "passwordChanged": "2013-06-24T16:39:19.000Z",  "profile": {  "login": "isaac.brock@example.com",  "firstName": "Isaac",  "lastName": "Brock",  "nickName": "issac",  "displayName": "Isaac Brock",  "email": "isaac.brock@example.com",  "secondEmail": "isaac@example.org",  "profileUrl": "http://www.example.com/profile",  "preferredLanguage": "en-US",  "userType": "Employee",  "organization": "Okta",  "title": "Director",  "division": "R&D",  "department": "Engineering",  "costCenter": "10",  "employeeNumber": "187",  "mobilePhone": "+1-555-415-1337",  "primaryPhone": "+1-555-514-1337",  "streetAddress": "301 Brannan St.",  "city": "San Francisco",  "state": "CA",  "zipCode": "94107",  "countryCode": "US"  }, // ...
     

    Expand Post
    Selected as Best

  • gabriel.sroka1.4374539321839353E12 (Okta, Inc.)

    Hi Suman

    user.login is the built-in attribute. Is that what you mean? Or do you have a custom attribute called user.id?

  • dak9q (dak9q)

    I believe every user in OKTA is assigned with a UID(alpha numeric code). Is there a way I can map this to an attribute in SAML and send this to a SP application?

  • dak9q (dak9q)

    For example, when I invoke the getUser API call using Postman, one of the field that I get is  

    "id": "00u60gsb7mh1Zu9d40h7",

     

    Is there a way I can use this field either in OKTA SAML field(Custom attribute) or use this field in custom expression like user.employeeNumber!= null ? user.employeeNumber: user.id
    Expand Post

  • gabriel.sroka1.4374539321839353E12 (Okta, Inc.)

    Hi Suman

    In Postman, you get a "profile" section. This is the only section you can use.

     

    From http://developer.okta.com/docs/api/resources/users.html

      
    1.  {  "id": "00ub0oNGTSWTBKOLGLNR",  "status": "ACTIVE",  "created": "2013-06-24T16:39:18.000Z",  "activated": "2013-06-24T16:39:19.000Z",  "statusChanged": "2013-06-24T16:39:19.000Z",  "lastLogin": "2013-06-24T17:39:19.000Z",  "lastUpdated": "2013-06-27T16:35:28.000Z",  "passwordChanged": "2013-06-24T16:39:19.000Z",  "profile": {  "login": "isaac.brock@example.com",  "firstName": "Isaac",  "lastName": "Brock",  "nickName": "issac",  "displayName": "Isaac Brock",  "email": "isaac.brock@example.com",  "secondEmail": "isaac@example.org",  "profileUrl": "http://www.example.com/profile",  "preferredLanguage": "en-US",  "userType": "Employee",  "organization": "Okta",  "title": "Director",  "division": "R&D",  "department": "Engineering",  "costCenter": "10",  "employeeNumber": "187",  "mobilePhone": "+1-555-415-1337",  "primaryPhone": "+1-555-514-1337",  "streetAddress": "301 Brannan St.",  "city": "San Francisco",  "state": "CA",  "zipCode": "94107",  "countryCode": "US"  }, // ...
     

    Expand Post
    Selected as Best

  • dak9q (dak9q)

    I guess the question was not clear... Thank you for pasting the JSON response for User profile. If you see the "id": "00ub0oNGTSWTBKOLGLNR" - can I get this ID value using Expression Language from OKTA Admin Login in the context of an SAML application attribute? Let me know if the question is not clear.

  • gabriel.sroka1.4374539321839353E12 (Okta, Inc.)

    You can only use the attributes contained in the "profile" section. In the sample JSON above, you can use login, firstName, lastName, etc. This includes both base and custom attributes from the Profile Editor. You cannot use id, status, created, etc.

  • 8zftp (8zftp)

    Gabriel,

    If I created a custom attribute, would wit show up in the profile section?

  • dak9q (dak9q)

    Thanks Gabriel for the update, appreciate it

  • IsaacB.02304 (Customer)

    Hi: The original poster was asking whether it was possible to reference user.id in an Okta expression. That would be done in Universal Directory/Profile Editor, not in an API call. Gabriel's response references the json that is returned by an API call. Is the take-away from Gabriel's response that only attributes that are in the "profile" section of the json are exposed to the Okta admin UI (e.g., Profile Editor)? And that since id is at the root of the json, not in profile, it cannot be referenced in Profile Editor? Thank you.

    Expand Post
10 of 14
This question is closed.
Loading
can I use user.id in expressions?