Map Okta user profile attributes to LDAP attributes

You can only add attributes to the directory profile if they are already in the directory, so Okta first does a schema discovery step to populate the attribute picker. For Okta to discover the attribute, it must be added to an object within the User object hierarchy in the directory: user object, a parent object, or an auxiliary object.

The agent takes a few seconds to execute the schema discovery. When it's done you'll get a list of the attributes that Okta has the permissions to discover in the directory.

  1. In the Admin Console, go to DirectoryDirectory Integrations.
  2. Select the LDAP agent from the list of directories.
  3. Click the Provisioning tab and select To App in the Settings list.
  4. Scroll to the Attribute Mappings section and then click the edit icon to add or edit attribute mapping.

    Unmapped attributes are identified with a yellow warning triangle and the text Not mapped.

  5. Click Save.