00uvm7ve00FHTNVXUUY1.4571202224996985E12 (Customer | Certified Okta Consultant) asked a question.
What I'm trying to achieve:
Writing a group rule which checks to see if a user is assigned an app. If so add them to group.
Not sure if this is possible or even if I can pull an appuser attribute within a group rule.
One of the ways I thought about doing this is simply to check if the user has xyz attribute in a given app profile.
A very simple example
This works for the okta user profile
user.lastName=="Doe"
But I can't seem to get this to work for lets say the google app user profile which in our case is Variable name: google
And our profile mappings for last name in G suit is nameFamilyName
google.nameFamilyName=="Doe"
Not sure what I am doing wrong here but I can't seem to figure out the syntax for calling appuser.attribute
As per our expression language there is no functionality were you can use to recognize if user is assigned to an application and based on this to add the user to a specific group. Here you can consult the options available using Okta expression language : https://developer.okta.com/reference/okta_expression_language/
You can suggest this functionality under Product>Idea. Features suggested in our community are reviewed and can be voted and commented on by other members of the community, therefore making it much easier for the engineering team to understand the priorities that you have for feature requests.