Understanding Okta SCIM Default Attributes
When configuring your Okta SCIM application, it is critical that you do not delete any of the default attributes. Removing these attributes directly from the Okta application will cause critical synchronization failures, preventing successful user provisioning, deprovisioning, and routine user attribute updates.
Attribute Mapping Table Guide
Please reference the table below for a complete list of the required application attributes.
Starred Rows (*): These rows indicate attributes that are required by the application and represent where the platform stores essential user information.
The
userNameAttribute (**): This is a strict requirement for the application to function and must remain mapped to the user's primary identifier.Remapping Allowed: With the exception of
userName, the attributes in the starred rows can be safely remapped to send different user values from Okta if your organizational structure requires it.
How to Handle Unwanted Attributes (Syncing Null Values)
If there are specific default values in the table that you do not wish to synchronize with the platform, do not delete the attribute.
Instead, you must remap the unwanted attribute to sync a Null value.
⚠️ Critical Exceptions: You cannot sync Null values for core identity fields. Ensure that valid data mappings are always retained for the following platform attributes:
First Name
Last Name
Email
| Attribute | Attribute Type |
Value |
| Username ** | Personal |
Configured in Sign On settings |
userName | ||
| Given name * | Personal |
user.firstName |
givenName | ||
| Family name * | Personal |
user.lastName |
familyName | ||
| Middle name | Personal |
user.middleName |
middleName | ||
| Honorific prefix | Personal |
user.honorificPrefix |
honorificPrefix | ||
| Honorific suffix | Personal |
user.honorificSuffix |
honorificSuffix | ||
| Email * | Personal |
user.email |
| Primary email type | Personal |
(user.email != null && user.email != '') ? 'work' : '' |
emailType | ||
| Title * | Personal |
user.title |
title | ||
| Display name | Personal |
user.displayName |
displayName | ||
| Nickname | Personal |
user.nickName |
nickName | ||
| Profile Url | Personal |
user.profileUrl |
profileUrl | ||
| Primary phone * | Personal |
user.primaryPhone |
primaryPhone | ||
| Primary phone type | Personal |
(user.primaryPhone != null && user.primaryPhone != '') ? 'work' : '' |
primaryPhoneType | ||
| Address type | Personal |
(user.streetAddress != null && user.streetAddress != '') ? 'work' : '' |
addressType | ||
| Street address | Personal |
user.streetAddress |
streetAddress | ||
| Locality | Personal |
user.city |
locality | ||
| Region * | Personal |
user.state |
region | ||
| Postal Code | Personal |
user.zipCode |
postalCode | ||
| Country * | Personal |
user.countryCode |
country | ||
| Formatted | Personal |
user.postalAddress |
formatted | ||
| Preferred language | Group |
user.preferredLanguage |
preferredLanguage | ||
| Locale Name | Group |
user.locale |
locale | ||
| Time zone | Group |
user.timezone |
timezone | ||
| User type | Group |
user.userType |
userType | ||
| Employee number | Personal |
user.employeeNumber |
employeeNumber | ||
| Cost center | Group |
user.costCenter |
costCenter | ||
| Organization | Group |
user.organization |
organization | ||
| Division | Group |
user.division |
division | ||
| Department * | Group |
user.department |
department | ||
| Manager value | Personal |
user.managerId |
managerValue | ||
| Manager display name * | Personal |
user.manager |
managerDisplayName |
Comments
0 comments
Please sign in to leave a comment.