CSV directory integration prerequisites
The following are the prerequisites for CSV directory integrations:
- The OPP agentA software agent is a lightweight program that runs as a service outside of Okta. It is typically installed behind a firewall and allows Okta to tunnel communication between an on-premises service and Okta's cloud service. Okta employs several agent types: Active Directory, LDAP, RADIUS, RSA, Active Directory Password Sync, and IWA. For example, users can install multiple Active Directory agents to ensure that the integration is robust and highly available across geographic locations. is lightweight and runs on either Linux (CentOS or RHEL) or Microsoft Windows Server (x86/x64), and sits behind a firewall. To find the download link, log into Okta, select Settings > Downloads, and navigate to the OPP Agent section.
- The OPP agent version must be 1.03.00 or higher. If you previously installed an OPP agent, it will not function for this feature. For information about installing the agent, refer to the On-Premises Provisioning Deployment Guide.
- Your CSV file must have a .csv extension and must be saved to an on-premises file folder.
- Your CSV file must be in UTF-8 format.
- The OPP agent must have read permissions for the CSV file.
- All active users must be present for every CSV import. Your CSV file is a representation of all active users from your source system. All active users must be present in every CSV import or the user is considered inactive. Okta uses the Unique Identifier that you designated as the primary identifier for each user. The import behaves as follows:
- If a user is missing during the latest import, Okta assumes the user is no longer active and deactivates the user in Okta.
- If a new user appears who did not exist in Okta during a previous import as denoted by their unique identifier, then Okta creates the user.
- If a user is present in Okta and was present in the latest import, Okta treats the current data in the CSV file as the source of truth, and executes any updates to that user’s attributes.
- All required attributes must be present for every CSV import. The unique identifier and all attributes marked as Attribute Required in the Okta Profile Editor must be present in the CSV file. If any of the required attributes is missing for a user, the following results:
- For an existing user, the user is deactivated from Okta
- For a new user, the import fails
- All attributes and headers must be formatted properly
- Required attribute headers are case-sensitive.
- Use only variable names, not display names as CSV headers.
- Do not use white spaces surrounding the headers within the CSV—they are not ignored.
- The Profile Editor ignores any column within the CSV with a header attribute not previously configured.
- Optional attributes must be present to be updated. If an attribute is optional, and there is no header in the CSV file for the optional attribute, Okta does not update that attribute, but it updates all other attributes.