Update User

Update an Okta user's system information and profile properties by ID or username.

This action will not update information about application users. If you attempt to do so when the user type is invalid or incorrect, a 404 error will be returned. To retrieve details about an application user, use the Custom API Action card. See Application user operations for more information on reading information about assigned users for an application.

Scopes

See Action cards for the list of required OAuth scopes for this card.

Options

Field	Definition	Type	Required
Update Semantics	Partial: Updates a user's profile or credentials with partial update semantics. Any properties that are not specified are ignored, and will maintain their current value. Strict: Updates a user's profile and credentials using strict-update semantics. IMPORTANT: All profile properties must be specified when updating a user's profile. Any property not specified in the request is set to null.	Dropdown	FALSE

Field

Definition

Type

Required

Update Semantics

Partial: Updates a user's profile or credentials with partial update semantics. Any properties that are not specified are ignored, and will maintain their current value.

Strict: Updates a user's profile and credentials using strict-update semantics. IMPORTANT: All profile properties must be specified when updating a user's profile. Any property not specified in the request is set to null.

Dropdown

FALSE

Input

Field	Definition	Type	Required
User
ID	ID of the Okta user (usually in an email format).	Text	FALSE
Option
Pass Empty Values?	Only appears when Update Semantics is set to Partial. If Yes, all fields selected and filled in with valid values will be updated. All fields selected but left blank will be cleared, except special fields. See the note below. All fields unselected will remain unchanged. If No, all fields selected and filled in with valid values will be updated. All fields unselected or left blank will remain unchanged. Also see 1. Basic information fields.	Dropdown	FALSE
Profile
City	City or locality component of user's address.	Text	FALSE
Cost center	Name of a cost center assigned to the user.	Text	FALSE
Country code	Country abbreviation.	Text	FALSE
Department	User's department name.	Text	FALSE
Display name	Name of the user, suitable for display to end users.	Text	FALSE
Division	Name of the user's division.	Text	FALSE
Primary email	User's primary email address.	Text	FALSE
Employee number	Unique identifier assigned to the user by their organization or company.	Text	FALSE
First name	User's first name.	Text	FALSE
Honorific prefix	User's honorific prefix(es), also known as title in most Western languages.	Text	FALSE
Honorific suffix	User's honorific suffix(es), also known as title in most Western languages.	Text	FALSE
Last name	User's last name or family name.	Text	FALSE
Locale	User's default location for purposes of localizing items like currency, date/time format, and numerical representations.	Text	FALSE
Username	Login username of the user, usually in the form of an email address	Text	FALSE
Manager	Display name of the user's manager.	Text	FALSE
ManagerId	ID of the user's manager.	Text	FALSE
Middle name	User's middle name.	Text	FALSE
Mobile phone	User's mobile phone number.	Text	FALSE
Nickname	User's preferred nickname, if applicable.	Text	FALSE
Organization	Name of the user's organization.	Text	FALSE
Postal Address	Mailing address component of user's address.	Text	FALSE
Preferred language	User's preferred written or spoken languages.	Text	FALSE
Primary phone	Primary phone number of the user, such as their home number.	Text	FALSE
Profile Url	URL of user's online profile (a web page).	Text	FALSE
Secondary email	Secondary email address of the user (typically used for account recovery).	Text	FALSE
State	State or region component of user's address.	Text	FALSE
Street address	Full street address component of user's address.	Text	FALSE
Time zone	User's time zone.	Text	FALSE
Title	Job title of the user.	Text	FALSE
User type	User's relationship to the organization, such as Employee or Contractor.	Text	FALSE
Zip code	Zip code or postal code component of the user's address.	Text	FALSE
Custom Profile Properties	Additional custom user profile properties that are generated when configuring this card.	dynamically generated	FALSE
Credentials
Password	String value for the user's new password.	Text	FALSE
Recovery Question	Question to enable password recovery for the user.	Text	FALSE
Recovery Answer	Answer to the password recovery question.	Text	FALSE
Also see 2. Credentials fields.

Output

Field	Definition	Type
System Properties
ID	ID of the Okta user.	Text
Status	Current status of the user: STAGED, PROVISIONED, ACTIVE, RECOVERY, LOCKED_OUT, PASSWORD_EXPIRED, SUSPENDED, or DEPROVISIONED.	Text
Created	Date and time when the object was created.	Date & Time
Activated	Time stamp when the transition to ACTIVE status completed.	True/False
Status Changed	Date of the user's last status change.	Date & Time
Last Login	Time stamp of the uer's last login date.	Date & Time
Last Updated	Time stamp of the user's last update.	Date & Time
Password Changed	Time stamp of the user's last password change.	True/False
Credentials
Emails	List of emails associated with the user.	List
Password	true if the user has a valid password or imported hashed password; false, otherwise.	True/False
Recovery Question	Recovery question when a user forgets their password.	Text
Provider
Name	Name of the authentication provider.	Text
Type	Type of authentication provider: OKTA, ACTIVE_DIRECTORY, LDAP, FEDERATION, SOCIAL or IMPORT.	Text
Profile Properties
City	City or locality component of user's address.	Text
Cost center	Name of a cost center assigned to the user.	Text
Country code	Country abbreviation.	Text
Department	User's department name.	Text
Display name	Name of the user, suitable for display to end users.	Text
Division	Name of the user's division.	Text
Primary email	User's primary email address.	Text
Employee number	Unique identifier assigned to the user by their organization or company.	Text
First name	User's first name.	Text
Honorific prefix	User's honorific prefix(es), also known as title in most Western languages.	Text
Honorific suffix	User's honorific suffix(es), also known as title in most Western languages.	Text
Last name	User's last name or family name.	Text
Locale	User's default location for purposes of localizing items like currency, date/time format, and numerical representations.	Text
Username	Login username of the user, usually in the form of an email address	Text
Manager	Display name of the user's manager.	Text
ManagerId	ID of the user's manager.	Text
Middle name	User's middle name.	Text
Mobile phone	User's mobile phone number.	Text
Nickname	User's preferred nickname, if applicable.	Text
Organization	Name of the user's organization.	Text
Postal Address	Mailing address component of user's address.	Text
Preferred language	User's preferred written or spoken languages.	Text
Primary phone	Primary phone number of the user, such as their home number.	Text
Profile Url	URL of user's online profile (a web page).	Text
Secondary email	Secondary email address of the user (typically used for account recovery).	Text
State	State or region component of user's address.	Text
Street address	Full street address component of user's address.	Text
Time zone	User's time zone.	Text
Title	Job title of the user.	Text
User type	User's relationship to the organization, such as Employee or Contractor.	Text
Zip code	Zip code or postal code component of the user's address.	Text
Custom Profile Properties	Additional custom user profile properties that are generated when configuring this card.	dynamically generated

Additional information

1. Basic information fields

The following four fields are basic information fields and can't be cleared:

Username
First Name
Last Name
Primary Email

If Update Semantics is set to	and Pass Empty Values is set to	What happens to the basic fields
Partial	Yes	If any of these four fields is selected and left blank, the card will report error. Any of these fields selected and filled in with valid value will be updated. Any unselected field will remain unchanged.
Partial	No	Any of these four fields selected and filled in with valid value will be updated. Any of these fields selected but left blank or unselected will remain unchanged.
Strict	n/a	If any of these four fields is selected but left blank or unselected, the card will report error. The card can pass only when all of these fields are selected and filled in with valid values.

If Update Semantics is set to

and Pass Empty Values is set to

What happens to the basic fields

Partial

Yes

If any of these four fields is selected and left blank, the card will report error.
Any of these fields selected and filled in with valid value will be updated.
Any unselected field will remain unchanged.

Partial

Any of these four fields selected and filled in with valid value will be updated.
Any of these fields selected but left blank or unselected will remain unchanged.

Strict

n/a

If any of these four fields is selected but left blank or unselected, the card will report error.
The card can pass only when all of these fields are selected and filled in with valid values.

2. Credentials fields

a. Password

It doesn't show the actual value, but always show true whether the field has existing value or the value is cleared out.
It shows false only when a user was created without credential, and never had a valid password before.
To clear the field, select it and leave it blank while using one of the following options:
- Update Semantics is set to Partial and Pass Empty Values is set to Yes
- Update Semantics is set to Strict
If the field is unselected, it will always remain unchanged.

b. Recovery Question and Recovery Answer

These fields can't be cleared.
They can only be empty if a user was created without credential, and never had a valid recovery question and answer set up before.
These two fields must be updated at the same time or else they'll remain unchanged.