Update User

Update an Okta user's system information and profile properties by ID or username.

Note: This action will not update information about application users , attempting to do so will result in a 404 error when the user type is invalid or incorrect. To retrieve details about an application user, use the Custom API Action card. See Application user operations for more information on reading information about assigned users for an application.

Unless otherwise indicated, field types are text.

Options

  • Update Semantics (drop-down list)

    • Partial: Updates a user's profile or credentials with partial update semantics. Any properties that are not specified are ignored, and will maintain their current value.

    • Strict: Updates a user's profile and credentials using strict-update semantics. IMPORTANT: All profile properties must be specified when updating a user's profile. Any property not specified in the request is set to null.

Input

  • User

    • ID: The ID of the Okta user (usually in an email format).
  • Option

    • Pass Empty Values? (drop-down): Only appears when Update Semantics is set to Partial.
      • If Yes, all fields selected and filled in with valid values will be updated. All fields selected but left blank will be cleared, except special fields. See the note below. All fields unselected will remain unchanged.
      • If No, all fields selected and filled in with valid values will be updated. All fields unselected or left blank will remain unchanged.
      • Also see 1. Basic information fields.
  • Profile

    • City: The city or locality component of user's address.

    • Cost center: The name of a cost center assigned to the user.

    • Country code: Country abbreviation.

    • Department: The user's department name.

    • Display name: The name of the user, suitable for display to end users.

    • Division: The name of the user's division.

    • Primary email: The user's primary email address.

    • Employee number: The unique identifier assigned to the user by their organization or company.

    • First name: The user's first name.

    • Honorific prefix: The user's honorific prefix(es), also known as title in most Western languages.

    • Honorific suffix: The user's honorific suffix(es), also known as title in most Western languages.

    • Last name: The user's last name or family name.

    • Locale: The user's default location for purposes of localizing items like currency, date/time format, and numerical representations.

    • Username: login username of the user, usually in the form of an email address

    • Manager: The display name of the user's manager.

    • ManagerId: The ID of the user's manager.

    • Middle name: The user's middle name.

    • Mobile phone: The user's mobile phone number.

    • Nickname: The user's preferred nickname, if applicable.

    • Organization: The name of the user's organization.

    • Postal Address: The mailing address component of user's address.

    • Preferred language: The user's preferred written or spoken languages.

    • Primary phone: The primary phone number of the user, such as their home number.

    • Profile Url: The URL of user's online profile (a web page).

    • Secondary email: The secondary email address of the user (typically used for account recovery).

    • State: The state or region component of user's address.

    • Street address: The full street address component of user's address.

    • Time zone: The user's time zone.

    • Title: The user's title, such as Vice President.

    • User type: The user's relationship to the organization, such as Employee or Contractor.

    • Zip code: The zip code or postal code component of the user's address.

    • Custom Profile Properties (dynamically generated): Aditional custom user profile properties that are generated when configuring this card.

  • Credentials

    • Password: The string value for the user's new password.

    • Recovery Question: The question to enable password recovery for the user.

    • Recovery Answer: The answer to the password recovery question.

    • Also see 2. Credentials fields.

Output

  • System Properties

    • ID: The ID of the Okta user.

    • Status: The current status of the user: STAGED, PROVISIONED, ACTIVE, RECOVERY, LOCKED_OUT, PASSWORD_EXPIRED, SUSPENDED, or DEPROVISIONED.

    • Created (date): The timestamp when the user was created.

    • Activated (boolean): The timestamp when the transition to ACTIVE status completed.

    • Status Changed (date): The date of the user's last status change.

    • Last Login (date): The timestamp of the uer's last login date.

    • Last Updated (date): The timestamp of the user's last update.

    • Password Changed (boolean): The timestamp of the user's last password change.

    • Credentials (list)

      • Emails (list): The list of emails associated with the user.

      • Password (boolean): true if the user has a valid password or imported hashed password; false, otherwise.

      • Recovery Question: The recovery question when a user forgets their password.

      • Provider (object)

        • Name: The name of the authentication provider.

        • Type: The type of authentication provider: OKTA, ACTIVE_DIRECTORY, LDAP, FEDERATION, SOCIAL or IMPORT.

  • Profile Properties

    • City: The city or locality component of user's address.

    • Cost center: The name of a cost center assigned to the user.

    • Country code: Country abbreviation.

    • Department: The user's department name.

    • Display name: The name of the user, suitable for display to end users.

    • Division: The name of the user's division.

    • Primary email: The user's primary email address.

    • Employee number: The unique identifier assigned to the user by their organization or company.

    • First name: The user's first name.

    • Honorific prefix: The user's honorific prefix(es), also known as title in most Western languages.

    • Honorific suffix: The user's honorific suffix(es), also known as title in most Western languages.

    • Last name: The user's last name or family name.

    • Locale: The user's default location for purposes of localizing items like currency, date/time format, and numerical representations.

    • Username: login username of the user, usually in the form of an email address

    • Manager: The display name of the user's manager.

    • ManagerId: The ID of the user's manager.

    • Middle name: The user's middle name.

    • Mobile phone: The user's mobile phone number.

    • Nickname: The user's preferred nickname, if applicable.

    • Organization: The name of the user's organization.

    • Postal Address: The mailing address component of user's address.

    • Preferred language: The user's preferred written or spoken languages.

    • Primary phone: The primary phone number of the user, such as their home number.

    • Profile Url: The URL of user's online profile (a web page).

    • Secondary email: The secondary email address of the user (typically used for account recovery).

    • State: The state or region component of user's address.

    • Street address: The full street address component of user's address.

    • Time zone: The user's time zone.

    • Title: The user's title, such as Vice President.

    • User type: The user's relationship to the organization, such as Employee or Contractor.

    • Zip code: The zip code or postal code component of the user's address.

    • Custom Profile Properties (dynamically generated): Aditional custom user profile properties that are generated when configuring this card.

Notes

1. Basic information fields

The following four fields are basic information fields and can't be cleared:

  • Username
  • First Name
  • Last Name
  • Primary Email
If Update Semantics is set to and Pass Empty Values is set to What happens to the basic fields
Partial Yes
  • If any of these four fields is selected and left blank, the card will report error.
  • Any of these fields selected and filled in with valid value will be updated.
  • Any unselected field will remain unchanged.
Partial No
  • Any of these four fields selected and filled in with valid value will be updated.
  • Any of these fields selected but left blank or unselected will remain unchanged.
Strict n/a
  • If any of these four fields is selected but left blank or unselected, the card will report error.
  • The card can pass only when all of these fields are selected and filled in with valid values.

2. Credentials fields

a. Password

  • It doesn't show the actual value, but always show true whether the field has existing value or the value is cleared out.
  • It shows false only when a user was created without credential, and never had a valid password before.
  • To clear the field, select it and leave it blank while using one of the following options:
    • Update Semantics is set to Partial and Pass Empty Values is set to Yes
    • Update Semantics is set to Strict
  • If the field is unselected, it will always remain unchanged.

b. Recovery Question and Recovery Answer

  • These fields can’t be cleared.
  • They can only be empty if a user was created without credential, and never had a valid recovery question and answer set up before.
  • These two fields must be updated at the same time or else they'll remain unchanged.

Related topics

Okta connector

About the elements of Okta Workflows

Okta API