Override a username format

The username override feature overrides a previously selected Okta username format or appAn abbreviation of application. Essentially, it is a web-based site used to perform any number of specific tasks, and requires authentication from end users by signing in. username format (different per app). When you implement username override, previously selected username formats no longer apply.

Username override can also be used with Selective Attribute Push to continuously update app user names as user profile information changes. For example, if a user gets assigned to an app with a username of email, and that email subsequently changes, Okta can automatically update the app username to the new email. Prior to this enhancement, an Okta the user's app username had to be manually updated by unassigning and reassigning them to the app. This enhancement applies to all apps and is not limited to only apps with provisioning capabilities.

The following are recommendations for creating usernames:

  • Construct an Okta user name by concatenating multiple imported attributes.
  • Create differently formatted user names using conditionals. For example
    • If attribute1 = A, then username should end in acme.com. Otherwise, username should end in acme-temp.com.
    • Example: john.doe@acme.com, john.doe@acme-temp.com
    • This is useful for distinguishing between different types of users (such as employees vs. contractors).
  • Construct app user names from attributes in various sources.
  • Enforce a max length by truncating.
  1. On the Okta AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page. Console, click Directory > Profile Editor.
  2. Select Mappings for the app, directory, or IDPAn acronym for Identity Provider. It is a service that manages end user accounts analogous to user directories such as LDAP and Active Directory, and can send SAML responses to SPs to authenticate end users. Within this scenario, the IdP is Okta..
  3. Choose the mapping direction App to Okta.
  4. Click Override with mapping.
  5. Select an attribute or enter an expression to create the Okta username.
  6. Click Save Mappings and Apply updates now.
Top