Supported user profile attributes for Office 365 provisioning
Attributes marked with * require Active Directory integration and must be sourced from the user's on-premises Active Directory profile.
Changing a user's User Principal Name (UPN) in Okta for an Office 365 app causes the user to be deprovisioned and then reprovisioned in Azure Active Directory. This process may lead to an error, as it attempts to create a user that already exists. To avoid this issue when updating a user's UPN for Office 365, directly edit the Username field in the user's Okta profile by going to .
The following user profile attributes are supported for each provisioning type. These attributes only apply when provisioning Office 365 from Okta to Azure Active Directory. They don't apply to Office 365 users who have been imported from Azure Active Directory to Okta.
Profile sync
Attributes marked with ** are custom attributes that can be added to your app instance. Once these custom attributes are added and profile mappings are defined, the values are synced from Okta to Azure Active Directory. See Add custom profile sync attributes.
- In GCC High, the Sponsors attribute isn't available.
- The Manager and Sponsors attributes only accept the User Principal Name or object ID of a user.
- The employeeHireDate attribute format should only be in ISO 8601 UTC.
Age group** Business phone** City** Country or region** Company name** Consent provider for minor** Display name Department** Employee ID** Employee type** Employee hire date** |
Fax number** First name Job title** Last name Manager** Mobile phone** Office location** Other emails** Preferred language** Preferred Data location** ZIP or postal**
|
Sponsors** Street address** State or province** UsageLocation User Principal name User type** |
User sync
City Country Country code Department Display name First name Fax number Last name Manager* Middle name |
Mobile phone Office Preferred Language Primary email State Street address |
Telephone Title UsageLocation Username Zip Code |
Universal sync
Attributes marked with *** aren't synchronized by default. To sync these attributes successfully, contact Okta Support.
Alias Assistant* AuthOrig* City Country Country code CommonName Company CountryLetterCode Department Display name Description DLMemRejectPerms* DLMemSubmitPerms* ExtensionAttribute1 ExtensionAttribute2 ExtensionAttribute3 ExtensionAttribute4 ExtensionAttribute5 ExtensionAttribute6 ExtensionAttribute7 ExtensionAttribute8 ExtensionAttribute9 ExtensionAttribute10 ExtensionAttribute12 ExtensionAttribute13 ExtensionAttribute14 ExtensionAttribute15 First name Fax number HomePhone Info Initials InternetEncoding IPPhone LastPasswordChangeTimestamp LegacyExchangeDN Manager* Middle name Mobile phone |
MSDSHABSeniorityIndex MSDSPhoneticDisplayName MSExchArchiveGuid MSExchArchiveName MSExchAssistantName MSExchAuditAdmin MSExchAuditDelegate MSExchAuditDelegateAdmin MSExchAuditOwner MSExchBlockedSendersHash MSExchBypassAudit MSExchDelegateListLink* MSExchElcExpirySuspensionEnd MSExchElcExpirySuspensionStart MSExchElcMailboxFlags MSExchEnableModeration MSExchExtensionCustomAttribute1 MSExchExtensionCustomAttribute2 MSExchExtensionCustomAttribute3 MSExchLitigationHoldOwner MSExchMailboxGuid MSExchMailboxAuditEnable MSExchMailboxAuditLogAgeLimit MSExchModeratedByLink* MSExchModerationFlags MSExchRecipientDisplayType MSExchRecipientTypeDetails MSExchRemoteRecipientType MSExchRequireAuthToSendTo MSExchResourceCapacity MSExchResourceDisplay MSExchResourceMetadata MSExchExtensionCustomAttribute4 MSExchExtensionCustomAttribute5 MSExchHideFromAddressLists MSExchImmutableId MSExchLitigationHoldDate MSExchResourceSearchProperties MSExchRetentionComment MSExchRetentionUrl MSExchSafeRecipientsHash MSExchSafeSendersHash |
MSExchSenderHintTranslations MSExchTeamMailboxExpiration MSExchTeamMailboxOwners* MSExchTeamMailboxSharePointLinkedBy* MSExchTeamMailboxSharePointUrl MSExchUserHoldPolicies MSRtcSipApplicationOptions MSRtcSipDeploymentLocator MSRtcSipLine MSRtcSipOwnerUrn MSRtcSipPrimaryUserAddress MSRtcSipUserEnabled MSRtcSipOptionFlags Office OnPremiseSecurityIdentifier OtherFacsimileTelephoneNumber OtherHomePhone OtherIPPhone OtherMobile OtherPager OtherTelephone onPremisesSamAccountName*** onPremisesDomainName*** onPremisesUserPrincipalName*** Preferred Language Primary email Pager PostOfficeBox ProxyAddresses PublicDelegates* State Street address Telephone Title TargetAddress TelephoneAssistant UnauthOrig* URLUserCertificate Username UserSMIMECertificateWwwHomepage UsageLocation Username Zip Code |