Reputation: 1012
Sending group custom attributes through the Okta SCIM app
Trying to create a SCIM application in Okta that would provision both users and groups. Users seem to work as expected and I am able to push custom attributes for users to our app and also do the proper mappings.
However, I have some issues with Groups. I am using Push Group mechanism.
After I enabled the feature called Group Profiles for Universal Directory an Okta Group Profile was added to the Directory -> Profile Editors, to which I added some new attributes for groups (e.g. email, okta id). If I create groups with these custom attributes and push them, the only information I get sent to our app is displayName and members. This is the POST body:
{"schemas":["urn:ietf:params:scim:schemas:core:2.0:Group"],"displayName":"name of group","members":[]}
So no email or other custom attributes.
It is not clear to me how to differentiate our SCIM app attributes for users vs the ones for groups. In the attribute mappings I only see “From Okta user to My app”, and no “From Okta group to My app” and I can only choose user.attribute and not group.attribute.
Any help is very much appreciated!
Upvotes: 1
Views: 542
Answers (1)
Reputation: 1012
I got an answer from support saying that provisioning through SCIM custom group attributes is not supported yet. The option might be available later this year, but there is no ETA.
Upvotes: 0
Related Questions
- Does Okta send group membership removal when user is assigned to app via a group?
- Is support for Groups required by the SCIM protocol, and how do you handle it if your application doesn't have the concept of groups?
- How to configure and get custom attribute in okta with saml2.0
- OKTA SCIM User custom attributes
- How to use a profile mapping in an attribute in Okta
- Okta Pass list of roles instead of single value?
- SamlCredential does not retrieve group attributes from Okta SAML response
- Okta how to pass groups in assertion SAML
- Okta Group Attributes
- Add Okta user to Okta group Python sdk