Custom user types in Universal Directory
Okta supports up to 10 user types. This number includes the default Okta user profile plus up to nine custom user types.
When you create a custom user type, Universal Directory makes what is in essence a copy of the default Okta user profile with the default 31 base Okta attributes. The copy is created with the new user type name that you give it (for example, Contractor). After this copy is made, you can then add custom attributes that are relevant to the Contractor user type.
You can customize the 31 base Okta user attributes. Each custom user type can have different attribute settings. You can choose to make attributes optional or required, select different enum types, and so on. Each user type can map the Okta user profile attributes to different application attributes and add custom attributes. This gives you complete flexibility in your authentication and provisioning scenarios.
User types allow you to do the following:
- Have up to 10 distinct user types within a single Okta org.
- Apply different constraints on attributes. For example, for email, you can specify a specific email domain as the format for one user type and another domain for a different user type.
- Have different profile mappings for the same app for different user types.
Each Okta user can only have one user type, which is selected when that user is created. For example, suppose you have a user named Jane Doe. She can only have one Okta user type: either the default Okta user type or a custom user type.
Use case
If Jane requires two user types, two distinct user profiles must be created. What does this mean?
Jane Doe is a teacher at a local college. As a teacher, she requires access to certain applications for creating class materials, providing student grades and dealing with internal employee applications for benefits and payroll. Jane Doe would be created as the custom user type Teacher.
If Jane Doe wants to take advantage of the free tuition offered to employees and she enrolls in a class, she would no longer be signing in as a teacher at the college. She would need a student profile, so that she can access student-related applications for viewing class material, interacting with her classmates online, and viewing her grades. Jane Doe can't reuse her existing Okta user ID. A new user profile must be created for her with the custom user type of Student that gives her the necessary attributes required for a student account.
To work with custom user types, see Universal Directory custom user types known issues.