b8pvo (b8pvo) asked a question.
I can create a user in Okta with a username containing a question mark but when I search for the user using the Okta Java SDK I can't find the user.
Here is the exception/error I got for username john.doe+special?char@gmail.com:
com.okta.sdk.resource.ResourceException: HTTP 404, Okta E0000007 (Not found: Resource not found: john.doe+special (User)), ErrorId oaeKjBHfOy8Q1CM8-hVHHljEQ
What are the valid characters for a Okta username? A regular expression would be helpful here as the Okta documentation below is incorrect, vague or there is a bug in the Okta Java SDK.
Here is the regular expression I am using to validate usernames and addresses:
(?:[a-z0-9!*$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!*$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9]))\.){3}(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9])|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])
Below is the Okta documentation I found about legal characters for email address. I did not find a similar document for username.
Supported Okta email address characters
Consistent with Section 3 of the RFC 3696 specification published by the IETF, Okta email addresses support the following characters:
Standard English alphabet
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
a b c d e f g h i j k l m n o p q r s t u v w x y z
Special characters
! * $ % & ' * + - / = ? ^ _ ` . { | } ~
0, 1, 2, 3, 4, 5, 6, 7, 8, 9
Except for the characters ' ` ~ shown above, no diacritical marks are supported in Okta email addresses.
Note: The period character (.) may not be used to start or end the part of an email address that precedes the @ symbol (known as the "local"part), nor can two or more periods be used consecutively. For example:
Hi there. The Username character restrictions can vary from email format to a custom restriction to no restriction at all. Take a look at this doc here:
https://help.okta.com/en/prod/Content/Topics/users-groups-profiles/usgp-create-character-restriction.htm#:~:text=Custom%20character%20restriction%3A%20This%20option,are%20not%20permitted%20by%20Okta.
Can you let me know what methods you are running in the Java SDK to receive the referenced error?
I am calling client.getUser(userName). The code works for other usernames and even the test username if I change the name in the Okta UI and remove the question mark. So this 'john.ruggentaler+special?char@gmail.com' throws the exception but 'john.ruggentaler+specialchar@gmail.com' does not from the Java SDK. Below is the getUser() method (written Groovy).
/**
* Find Okta user by user name.
*
* @param userName
* @return
*/
User findOktaUser(String userName) {
User user = null
try {
user = client.getUser(userName)
}
catch (Throwable e) {
log.debug("Exception encountered . " + e.getMessage())
}
return user
}