Naga KishoreI.14293 (Customer) asked a question.
Is there a way in OKTA to assign AD groups in parent domain (myDemo.com), to users present in child domain (dev.myDemo.com)?
Hi Everyone,
I have two directory integrations with a parent and child domains configured (myDemo.com and dev.myDemo.com). I have users assigned to the child directory integration(dev.myDemo.com). Now, using the "Manage directory groups" API, I am trying the add the user to a group (which is present in myDemo.com). In this process, I am getting error (400 Bad Request: Can't find a valid AppUser for id). I believe this is because the user does not have assignment in the parent integration. Is there a way in OKTA to to assign groups in parent domain (myDemo.com), to users present in child domain (dev.myDemo.com)?
Thanks
Naga Kishore
Hello @Naga KishoreI.14293 (Customer) , thank you for contacting Okta Community.
Unfortunately, we currently do not support cross-domain membership. You can add or remove members from a USG, but not cross-domain memberships.
If you have a paid account, you can suggest this on the Okta Community page by going to the Community→ Ideas tab. Features suggested in our community are reviewed and can be voted on and commented on by other members. High popularity will increase the likelihood of it being picked up by the Product Team and implemented.
You can find more details here.
Regards.
—
Help others in the community by liking or hitting Select as Best if this response helped you.