<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y000088RaJpSAKOkta Classic EngineSingle Sign-OnAnswered2024-04-02T16:02:14.000Z2020-03-27T20:39:24.000Z2020-04-29T15:53:31.000Z

RobM.62038 (Customer) asked a question.

March 27, 2020 at 8:39 PM
How can I determine if a user in okta was created with credentials

Our system has users that login via external IdP (inbound federation) and some which use okta as their identity provider (IdP). External IdP users are created without credentials. From time to time we have issues in the field where a user is incorrectly created without credentials and cannot login because they have no password (and for that reason they cannot reset their password). We usually figure this out because we see a PASSWORD_BASED_LOGIN_DISALLOWED error in the log. Aside from waiting until someone complains that they cannot login and then looking for the error in the log, is there any way to inspect a user in okta and proactively determine whether they were created as a credentialed user or whether they are configured for inbound federation?

  • 1 answer
  • 1.68K views

  • BhaskarM.18336 (Customer)

    one way is hard code,

    • when you create fed user - go to idp profile editor - populate "any value" map it to okta profile by create new attribute
    • for instance , any value would be FEDERATION.
This question is closed.
Loading
How can I determine if a user in okta was created with credentials