NareshG.80393 (Customer) asked a question.
okta org2org saml setup with SCIM and getting Unable to transform email to username
I am new to OKTA. I have configured OKTA Org2org setup with SCIM. The IDs are successfully created on the target.
When I am testing SAML and it is not working, I receive this error in the logs: Unable to transform email to username.
I tested this setup with JIT instead of SCIM and working well.
I am using this idpuser.subjectNameId in IDP setup and matching with OKTA username but no luck.
Could someone please help me if I missed anything?
Hi @NareshG.80393 (Customer) , Thank you for reaching out to the Okta Community!
You can review the Org2Org implementation documentation here. Depending on your organization's requirement, I would recommend the API token model of Provisioning which is typically more straightforward and simple to configure.
If you are looking for a custom SCIM implementation, please reach out to our Developer colleagues via devforum.okta.com, as this would be their purview.
In the meantime, you can check the Okta System Logs to review additional details as to what might be mismatching. Also check your attribute mappings on both sides (hub/spoke orgs) under Okta Admin Dashboard > Directory > Profile Editor > "org2org integration name".
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--
Help others in the community by liking or hitting Select as Best if this response helped you.
Collect them all. Learn a new skill and earn a new Okta Learning badge.
Just released: More Okta Community badges just added
AMA Alert: Starting the Year Strong with Stronger Authentication (MFA) Adoption