
RayA.78577 (OpenSesame) asked a question.
We have a use case where a customer can have SSO set up with our app and their IDP, and users will log into our app via SSO (never providing any information directly to our app). We don't get an email address for the user, and for some PII-concerned customers, don't get any PII at all. Since Okta appears to require an email for each user, what is the best practice for "assembling" an email address that is unique to each user? We can imagine lots of ways, curious to hear others' approaches (if you've encountered this)?

You can use the Okta username. That's very straightforward. If that does not work, you can have an employeeID or something like that as a unique identifier and pass the same in the SAML response. Btw, can you confirm Okta is the IDP and your app is the SP?
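
One way to assemble such an address, as an added example that is not part of the thread or of Okta's documentation: derive the local part from an HMAC over the IdP entity ID and the SAML NameID (or an employeeID attribute), so it is stable per user, unique across customers, and does not expose the identifier itself. The function name, the secret key and the placeholder domain are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import unicodedata

# Assumption: a placeholder domain that never receives mail. ".invalid" is a
# reserved TLD (RFC 2606); substitute a domain you control if one is required.
PLACEHOLDER_DOMAIN = "sso-users.example.invalid"


def synthetic_email(secret: bytes, idp_entity_id: str, name_id: str) -> str:
    """Derive a stable, unique, non-PII email-format login from SAML identifiers.

    secret        -- per-deployment key (assumption); keeps the mapping from
                     being recomputed by anyone who only knows an employeeID
    idp_entity_id -- the customer's IdP entity ID (SAML Issuer)
    name_id       -- the NameID, or the unique attribute sent in the assertion
    """
    if not secret:
        raise ValueError("a non-empty secret key is required")
    if not idp_entity_id or not name_id:
        raise ValueError("both the IdP entity ID and the NameID are required")

    # Normalise Unicode and surrounding whitespace so the same subject always
    # maps to the same address. Case is preserved: NameIDs can be opaque.
    issuer = unicodedata.normalize("NFKC", idp_entity_id.strip()).encode("utf-8")
    subject = unicodedata.normalize("NFKC", name_id.strip()).encode("utf-8")

    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    msg = b"".join(len(p).to_bytes(4, "big") + p for p in (issuer, subject))

    digest = hmac.new(secret, msg, hashlib.sha256).digest()

    # 20 bytes -> exactly 32 base32 characters, no padding, and well inside
    # the 64-character limit for an email local part.
    local = base64.b32encode(digest[:20]).decode("ascii").lower()
    return f"u-{local}@{PLACEHOLDER_DOMAIN}"


if __name__ == "__main__":
    # Constructed sample values, not taken from any real tenant.
    key = b"constructed-demo-key"
    print(synthetic_email(key, "https://idp.customer-a.example/saml", "E12345"))
```

Including the IdP entity ID in the input keeps two customers that both issue employeeID `E12345` from mapping to the same address.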