PierC.15646 (Customer) asked a question.
Hello,
I'm building a custom integration in our org with okta for our internal App.
Okta will manage the user profile (first name, last name, email, role etc.) and will push that information to our App.
Our App will create the users and will assigned additional information (say favouriteColor) to Okta so it shows in the profile.
The problem is, I'm using the SCIM test apps, and whatever custom attribute I use for App profile in Okta, it gets stored locally , so if it changes in my App, it won't update in Okta on import (even if I enable profile sourcing and what not).
From what I understand, I need to have a schema discovery like here:
https://developer.okta.com/docs/guides/scim-with-entitlements/main/*example-user-discovery-data
But I don't see it. The only thing it says that for it to be enabled I need to contact Okta support and it just throws me a link to this forum.
@PierC.15646 (Customer)
Some questions
1) In Okta on your user profile, do you have an attribute called "FavoriteColor" on the user profile as placeholder?
2) If yes, then have you mapped from App to Okta to update the Okta "FavoriteColor" attribuite?
If you dont have a placeholder attribute called "FavoriteColor" on user profile and you are expecting that attribute to be discovered during import it may be a seperate conversation (more on lines of schema discovery) . Please let me know whats your scenario
Thanks
-Bala
Hi! thanks for your reply
yes, I do have, both in my app and in my okta user profile, and they're mapped via attribute mapping.
The flow I observe now is:
When assign the user (or import it), the attribute returned by my App is populated in okta.
But, if I then go to my app and update the attribute and run the Import again, Okta says that the user was changed, but when I check the attribute in okta, it's the same old value. So it doesn't seem to be updated at all.
Hi @PierC.15646 (Customer)
In your attribute mapping, do you see an option for apply mapping on create and update or do you see a ForceSync button in "to Okta" section unser User Attribuite section and what happens when you click on that?
-Bala
Hello,
Yes, the attribute mapping (to Okta) is both on create and update. If I do force sync it doesn't do anything.
And I know the setup is working, I'll give you a full example of the workflow.
Also, I'd like to make some attributes read-only. That is, they should be set by My App and there should be no way of editing those in Okta. They should be synced only from My App.
Is that possible to do without enabling schema discovery?
@PierC.15646 (Customer)
Do you see any difference if you try a PATCH as opposedto POST?
For second part in mapping you can define a one way mapping only (in your profile mapping)
Hello @PierC.15646 (Customer) Thank you for posting on our Community page!
This question is more appropriate for our dedicated Okta Developer Forum.
My advice would be to reach out via devforum.okta.com to take advantage of their expertise.
While we'll do our best to answer all of your questions here, this medium is more inclined towards Okta core products and features (non-developer work).
Thank you for reaching out to our Community and have a great day!
--
Help others in the community by liking or hitting Select as Best if this response helped you.
Collect them all. Learn a new skill and earn a new Okta Learning badge.