Update User

Update an Okta user's system information and profile properties by ID or username.

This action will not update information about application users. If you attempt to do so when the user type is invalid or incorrect, a 404 error will be returned. To retrieve details about an application user, use the Custom API Action card. See Application user operations for more information on reading information about assigned users for an application.

Scopes

See Action cards for the list of required OAuth scopes for this card.

Options

Field Definition Type Required

Update Semantics

Partial: Updates a user's profile or credentials with partial update semantics. Any properties that are not specified are ignored, and will maintain their current value.

Strict: Updates a user's profile and credentials using strict-update semantics. IMPORTANT: All profile properties must be specified when updating a user's profile. Any property not specified in the request is set to null.

Dropdown

FALSE

Input

Field Definition Type Required

User

ID

ID of the Okta user (usually in an email format).

Text

FALSE

Option

Pass Empty Values?

Only appears when Update Semantics is set to Partial.

  • If Yes, all fields selected and filled in with valid values will be updated. All fields selected but left blank will be cleared, except special fields. See the note below. All fields unselected will remain unchanged.
  • If No, all fields selected and filled in with valid values will be updated. All fields unselected or left blank will remain unchanged.
  • Also see 1. Basic information fields.

Dropdown

FALSE

Profile

City

City or locality component of user's address.

Text

FALSE

Cost center

Name of a cost center assigned to the user.

Text

FALSE

Country code

Country abbreviation.

Text

FALSE

Department

User's department name.

Text

FALSE

Display name

Name of the user, suitable for display to end users.

Text

FALSE

Division

Name of the user's division.

Text

FALSE

Primary email

User's primary email address.

Text

FALSE

Employee number

Unique identifier assigned to the user by their organization or company.

Text

FALSE

First name

User's first name.

Text

FALSE

Honorific prefix

User's honorific prefix(es), also known as title in most Western languages.

Text

FALSE

Honorific suffix

User's honorific suffix(es), also known as title in most Western languages.

Text

FALSE

Last name

User's last name or family name.

Text

FALSE

Locale

User's default location for purposes of localizing items like currency, date/time format, and numerical representations.

Text

FALSE

Username

Login username of the user, usually in the form of an email address

Text

FALSE

Manager

Display name of the user's manager.

Text

FALSE

ManagerId

ID of the user's manager.

Text

FALSE

Middle name

User's middle name.

Text

FALSE

Mobile phone

User's mobile phone number.

Text

FALSE

Nickname

User's preferred nickname, if applicable.

Text

FALSE

Organization

Name of the user's organization.

Text

FALSE

Postal Address

Mailing address component of user's address.

Text

FALSE

Preferred language

User's preferred written or spoken languages.

Text

FALSE

Primary phone

Primary phone number of the user, such as their home number.

Text

FALSE

Profile Url

URL of user's online profile (a web page).

Text

FALSE

Secondary email

Secondary email address of the user (typically used for account recovery).

Text

FALSE

State

State or region component of user's address.

Text

FALSE

Street address

Full street address component of user's address.

Text

FALSE

Time zone

User's time zone.

Text

FALSE

Title

Job title of the user.

Text

FALSE

User type

User's relationship to the organization, such as Employee or Contractor.

Text

FALSE

Zip code

Zip code or postal code component of the user's address.

Text

FALSE

Custom Profile Properties

Additional custom user profile properties that are generated when configuring this card.

dynamically generated

FALSE

Credentials

Password

String value for the user's new password.

Text

FALSE

Recovery Question

Question to enable password recovery for the user.

Text

FALSE

Recovery Answer

Answer to the password recovery question.

Text

FALSE

Also see 2. Credentials fields.

Output

Field Definition Type

System Properties

ID

ID of the Okta user.

Text

Status

Current status of the user: STAGED, PROVISIONED, ACTIVE, RECOVERY, LOCKED_OUT, PASSWORD_EXPIRED, SUSPENDED, or DEPROVISIONED.

Text

Created

Date and time when the object was created.

Date & Time

Activated

Time stamp when the transition to ACTIVE status completed.

True/False

Status Changed

Date of the user's last status change.

Date & Time

Last Login

Time stamp of the uer's last login date.

Date & Time

Last Updated

Time stamp of the user's last update.

Date & Time

Password Changed

Time stamp of the user's last password change.

True/False

Credentials

Emails

List of emails associated with the user.

List

Password

true if the user has a valid password or imported hashed password; false, otherwise.

True/False

Recovery Question

Recovery question when a user forgets their password.

Text

Provider

Name

Name of the authentication provider.

Text

Type

Type of authentication provider: OKTA, ACTIVE_DIRECTORY, LDAP, FEDERATION, SOCIAL or IMPORT.

Text

Profile Properties

City

City or locality component of user's address.

Text

Cost center

Name of a cost center assigned to the user.

Text

Country code

Country abbreviation.

Text

Department

User's department name.

Text

Display name

Name of the user, suitable for display to end users.

Text

Division

Name of the user's division.

Text

Primary email

User's primary email address.

Text

Employee number

Unique identifier assigned to the user by their organization or company.

Text

First name

User's first name.

Text

Honorific prefix

User's honorific prefix(es), also known as title in most Western languages.

Text

Honorific suffix

User's honorific suffix(es), also known as title in most Western languages.

Text

Last name

User's last name or family name.

Text

Locale

User's default location for purposes of localizing items like currency, date/time format, and numerical representations.

Text

Username

Login username of the user, usually in the form of an email address

Text

Manager

Display name of the user's manager.

Text

ManagerId

ID of the user's manager.

Text

Middle name

User's middle name.

Text

Mobile phone

User's mobile phone number.

Text

Nickname

User's preferred nickname, if applicable.

Text

Organization

Name of the user's organization.

Text

Postal Address

Mailing address component of user's address.

Text

Preferred language

User's preferred written or spoken languages.

Text

Primary phone

Primary phone number of the user, such as their home number.

Text

Profile Url

URL of user's online profile (a web page).

Text

Secondary email

Secondary email address of the user (typically used for account recovery).

Text

State

State or region component of user's address.

Text

Street address

Full street address component of user's address.

Text

Time zone

User's time zone.

Text

Title

Job title of the user.

Text

User type

User's relationship to the organization, such as Employee or Contractor.

Text

Zip code

Zip code or postal code component of the user's address.

Text

Custom Profile Properties

Additional custom user profile properties that are generated when configuring this card.

dynamically generated

Additional information

1. Basic information fields

The following four fields are basic information fields and can't be cleared:

  • Username
  • First Name
  • Last Name
  • Primary Email
If Update Semantics is set to and Pass Empty Values is set to What happens to the basic fields

Partial

Yes

  • If any of these four fields is selected and left blank, the card will report error.
  • Any of these fields selected and filled in with valid value will be updated.
  • Any unselected field will remain unchanged.

Partial

No

  • Any of these four fields selected and filled in with valid value will be updated.
  • Any of these fields selected but left blank or unselected will remain unchanged.

Strict

n/a

  • If any of these four fields is selected but left blank or unselected, the card will report error.
  • The card can pass only when all of these fields are selected and filled in with valid values.

2. Credentials fields

a. Password

  • It doesn't show the actual value, but always show true whether the field has existing value or the value is cleared out.
  • It shows false only when a user was created without credential, and never had a valid password before.
  • To clear the field, select it and leave it blank while using one of the following options:
    • Update Semantics is set to Partial and Pass Empty Values is set to Yes
    • Update Semantics is set to Strict
  • If the field is unselected, it will always remain unchanged.

b. Recovery Question and Recovery Answer

  • These fields can't be cleared.
  • They can only be empty if a user was created without credential, and never had a valid recovery question and answer set up before.
  • These two fields must be updated at the same time or else they'll remain unchanged.

Related topics

Okta connector

Workflow elements

Guidance for Okta connector

Okta API documentation