Update User
Update an Okta user's system information and profile properties by ID or username.
This action will not update information about application users. If you attempt to do so when the user type is invalid or incorrect, a 404 error will be returned. To retrieve details about an application user, use the Custom API Action card. See Application user operations for more information on reading information about assigned users for an application.
Scopes
See Action cards for the list of required OAuth scopes for this card.
Options
Field | Definition | Type | Required |
---|---|---|---|
Update Semantics | Partial: Updates a user's profile or credentials with partial update semantics. Any properties that are not specified are ignored, and will maintain their current value. Strict: Updates a user's profile and credentials using strict-update semantics. IMPORTANT: All profile properties must be specified when updating a user's profile. Any property not specified in the request is set to null. |
Dropdown |
FALSE |
Input
Field | Definition | Type | Required |
---|---|---|---|
User |
|||
ID | ID of the Okta user (usually in an email format). |
Text |
FALSE |
Option |
|||
Pass Empty Values? | Only appears when Update Semantics is set to Partial.
|
Dropdown |
FALSE |
Profile |
|||
City | City or locality component of user's address. |
Text |
FALSE |
Cost center | Name of a cost center assigned to the user. |
Text |
FALSE |
Country code | Country abbreviation. |
Text |
FALSE |
Department | User's department name. |
Text |
FALSE |
Display name | Name of the user, suitable for display to end users. |
Text |
FALSE |
Division | Name of the user's division. |
Text |
FALSE |
Primary email | User's primary email address. |
Text |
FALSE |
Employee number | Unique identifier assigned to the user by their organization or company. |
Text |
FALSE |
First name | User's first name. |
Text |
FALSE |
Honorific prefix | User's honorific prefix(es), also known as title in most Western languages. |
Text |
FALSE |
Honorific suffix | User's honorific suffix(es), also known as title in most Western languages. |
Text |
FALSE |
Last name | User's last name or family name. |
Text |
FALSE |
Locale | User's default location for purposes of localizing items like currency, date/time format, and numerical representations. |
Text |
FALSE |
Username | Login username of the user, usually in the form of an email address |
Text |
FALSE |
Manager | Display name of the user's manager. |
Text |
FALSE |
ManagerId | ID of the user's manager. |
Text |
FALSE |
Middle name | User's middle name. |
Text |
FALSE |
Mobile phone | User's mobile phone number. |
Text |
FALSE |
Nickname | User's preferred nickname, if applicable. |
Text |
FALSE |
Organization | Name of the user's organization. |
Text |
FALSE |
Postal Address | Mailing address component of user's address. |
Text |
FALSE |
Preferred language | User's preferred written or spoken languages. |
Text |
FALSE |
Primary phone | Primary phone number of the user, such as their home number. |
Text |
FALSE |
Profile Url | URL of user's online profile (a web page). |
Text |
FALSE |
Secondary email | Secondary email address of the user (typically used for account recovery). |
Text |
FALSE |
State | State or region component of user's address. |
Text |
FALSE |
Street address | Full street address component of user's address. |
Text |
FALSE |
Time zone | User's time zone. |
Text |
FALSE |
Title |
Job title of the user. |
Text |
FALSE |
User type | User's relationship to the organization, such as Employee or Contractor. |
Text |
FALSE |
Zip code | Zip code or postal code component of the user's address. |
Text |
FALSE |
Custom Profile Properties | Additional custom user profile properties that are generated when configuring this card. | dynamically generated |
FALSE |
Credentials |
|||
Password | String value for the user's new password. |
Text |
FALSE |
Recovery Question | Question to enable password recovery for the user. |
Text |
FALSE |
Recovery Answer | Answer to the password recovery question. |
Text |
FALSE |
Also see 2. Credentials fields. |
Output
Field | Definition | Type |
---|---|---|
System Properties |
||
ID | ID of the Okta user. |
Text |
Status | Current status of the user: STAGED, PROVISIONED, ACTIVE, RECOVERY, LOCKED_OUT, PASSWORD_EXPIRED, SUSPENDED, or DEPROVISIONED. |
Text |
Created |
Date and time when the object was created. |
Date & Time |
Activated | Time stamp when the transition to ACTIVE status completed. |
True/False |
Status Changed | Date of the user's last status change. |
Date & Time |
Last Login | Time stamp of the uer's last login date. |
Date & Time |
Last Updated | Time stamp of the user's last update. |
Date & Time |
Password Changed | Time stamp of the user's last password change. |
True/False |
Credentials |
||
Emails | List of emails associated with the user. |
List |
Password | true if the user has a valid password or imported hashed password; false, otherwise. |
True/False |
Recovery Question | Recovery question when a user forgets their password. |
Text |
Provider |
||
Name | Name of the authentication provider. |
Text |
Type | Type of authentication provider: OKTA, ACTIVE_DIRECTORY, LDAP, FEDERATION, SOCIAL or IMPORT. |
Text |
Profile Properties |
||
City | City or locality component of user's address. |
Text |
Cost center | Name of a cost center assigned to the user. |
Text |
Country code | Country abbreviation. |
Text |
Department | User's department name. |
Text |
Display name | Name of the user, suitable for display to end users. |
Text |
Division | Name of the user's division. |
Text |
Primary email | User's primary email address. |
Text |
Employee number | Unique identifier assigned to the user by their organization or company. |
Text |
First name | User's first name. |
Text |
Honorific prefix | User's honorific prefix(es), also known as title in most Western languages. |
Text |
Honorific suffix | User's honorific suffix(es), also known as title in most Western languages. |
Text |
Last name | User's last name or family name. |
Text |
Locale | User's default location for purposes of localizing items like currency, date/time format, and numerical representations. |
Text |
Username | Login username of the user, usually in the form of an email address |
Text |
Manager | Display name of the user's manager. |
Text |
ManagerId | ID of the user's manager. |
Text |
Middle name | User's middle name. |
Text |
Mobile phone | User's mobile phone number. |
Text |
Nickname | User's preferred nickname, if applicable. |
Text |
Organization | Name of the user's organization. |
Text |
Postal Address | Mailing address component of user's address. |
Text |
Preferred language | User's preferred written or spoken languages. |
Text |
Primary phone | Primary phone number of the user, such as their home number. |
Text |
Profile Url | URL of user's online profile (a web page). |
Text |
Secondary email | Secondary email address of the user (typically used for account recovery). |
Text |
State | State or region component of user's address. |
Text |
Street address | Full street address component of user's address. |
Text |
Time zone | User's time zone. |
Text |
Title |
Job title of the user. |
Text |
User type | User's relationship to the organization, such as Employee or Contractor. |
Text |
Zip code | Zip code or postal code component of the user's address. |
Text |
Custom Profile Properties | Additional custom user profile properties that are generated when configuring this card. | dynamically generated |
Additional information
1. Basic information fields
The following four fields are basic information fields and can't be cleared:
- Username
- First Name
- Last Name
- Primary Email
If Update Semantics is set to | and Pass Empty Values is set to | What happens to the basic fields |
---|---|---|
Partial | Yes |
|
Partial | No |
|
Strict | n/a |
|
2. Credentials fields
a. Password
- It doesn't show the actual value, but always show true whether the field has existing value or the value is cleared out.
- It shows false only when a user was created without credential, and never had a valid password before.
- To clear the field, select it and leave it blank while using one of the following options:
- Update Semantics is set to Partial and Pass Empty Values is set to Yes
- Update Semantics is set to Strict
- If the field is unselected, it will always remain unchanged.
b. Recovery Question and Recovery Answer
- These fields can't be cleared.
- They can only be empty if a user was created without credential, and never had a valid recovery question and answer set up before.
- These two fields must be updated at the same time or else they'll remain unchanged.