About custom user types in Universal Directory

Okta supports up to 10 user types. This number includes the default Okta user profile plus up to 9 custom user types.

When you create a custom user type, Universal Directory makes what is in essence a copy of the latest default Okta user profile with the default 31 base Okta attributes. The copy is created with the new user type name you give it (for example, Contractor). Once this copy is made, you can then add custom attributes that are relevant to the Contractor user type.

You can customize the 31 base Okta user attributes. Each custom user type can have different attribute settings. You can make some attributes optional or required, select different enum types, and so on. Each user type can map the Okta user profile attributes to different application attributes and add custom attributes. This gives you complete flexibility in your authentication and provisioning scenarios.

With user types, you can:

  • Have up to 10 distinct user types within a single Okta org.
  • Apply different constraints on attributes. For example, for email, you can specify a specific email domain as the format for one user type and another domain for a different user type.
  • Have different profile mappings for the same app for different user types.

Each Okta user can only have one user type, which is selected when that user is created. That is, Jane Doe can only have one Okta user type: either the default Okta user type or a custom user type.

Use case

If Jane requires two user types, two distinct user profiles must be created. What does this mean?

Let's look at a scenario where Jane Doe is a teacher at a local college. As a teacher, she requires access to certain applications for creating class materials, providing student grades and dealing with internal employee applications for benefits, payroll and so on. Jane Doe would be created as the custom user type Teacher.

If Jane Doe wants to take advantage of the free tuition offered to employees and she enrolls in a class, she would no longer be signing in as a teacher at the college. She would need a student profile, so she can access student-related applications for viewing class material, interacting with her classmates online, and viewing her grades. Jane Doe cannot re-use her existing Okta user ID. A new user profile must be created for her with the custom user type of Student. This would require her to have a second user profile with the "student" attributes.

To work with custom user types, see Universal Directory custom user types known issues.