0

How to configure an OKTA SCIM2.0 application so that it can send custom attributes(like city, state, zip) and also groups in which the user is assigned to, with POST/PATCH/PUT requests

Current request obj received from okta is as below:

POST /Users
{
   "schemas":["urn:ietf:params:scim:schemas:core:2.0:User"],
   "userName":"abc@gmail.com",
   "name":{
        "givenName":"ABC",
       "familyName":"DEF"
   },
   "emails":[{
       "primary":true,
       "value":"abc@gmail.com",
       "type":"work"
   }],
   "displayName":"ABC DEF",
   "locale":"en-US",
   "externalId":"xxxxxxxxxxxx",
   "groups":[],
   "active":true
}

Thank You

Umang Mehta
  • 1,467
  • 11
  • 16

2 Answers2

0

For custom attributes, you'll want to make sure that the user profile attributes for your SCIM application are set up appropriately.

For group information, you'll need to work with your contact at Okta to enable group push support in your Okta org, then you'll need to implement the /Groups endpoint in your application.

Joël Franusic
  • 1,178
  • 8
  • 18
  • Thank You for your response. What I am looking for is not exactly custom attributes, They are addresses of user. I am not able to find them anywhere in request from OKTA on provisioning or on update. – Umang Mehta Jun 13 '17 at 19:01
  • To get that additional information, you need to make sure that you are mapping those attributes from the Okta user profile to your SCIM application's user profile. – Joël Franusic Jun 13 '17 at 20:42
  • I deleted the predefined attributes provided and added them back to solve this issue. I am not sure what is the root cause of this, why I had to delete those attributes and add back, but it simply did work. – Umang Mehta Jun 21 '17 at 14:56
0

I was able to solve this by deleting the custom attributes and recreating them like OP said in the comments. When you do that, there is a new field called "External Namespace". Set this to urn:ietf:params:scim:schemas:extension:enterprise:2.0:User for all fields that you want in your extensions object. Make sure the schema you are expecting for your extensions object also matches that URN. Then set up the mappings in profile editor for the SCIM app and you should see them being sent from Okta in the PUT request.

I think the create and recreate trick has to do with the fact that the original attributes were created before I enabled the API integration with the SCIM endpoint.

See these links for more info:

davekats
  • 106
  • 1
  • 10