Skip to main content

Syncing Okta user attributes to Omni with SCIM

Custom user attributes can be synced from Okta to Omni, allowing you to fully centralize your user management in Okta.

In this guide, we'll demonstrate how to sync a user attribute named blob_entity from Okta to Omni.

Requirements

To follow the steps in this guide, you'll need:

  • To set up SCIM provisioning with Okta. Refer to the Omni setup guide for more information.
  • Organization Admin permissions in Omni
  • Permissions in Okta that allow you to:
    • Access the Admin console
    • Create user profile attributes
    • Define user profile attribute values
    • Modify applications

1. Create an Omni user attribute

In Omni, navigate to Settings > Attributes and create a new attribute.

Our example attribute, blob_entity, has the following settings:

  • Name - Blob Entity
  • Reference - blob_entity
  • Type - string

2. Create & define an Okta user profile attribute

Click the dropdowns to display instructions for each step.

2.1. Create the attribute

Passing a default Okta attribute?

Creating an attribute is required only if the attribute you want to pass to Omni doesn't exist in Okta's default user attributes, such as name or city.

  1. Log in to your Okta Admin console.
  2. Navigate to Directory > Profile Editor.
  3. Click the User (default) option.
  4. Click the Add Attribute button.
  5. Fill in the attribute fields as follows:
    • Data type - Select the Type the attribute has in Omni. For example, if the attribute has a Type of string in Omni, you'd select string.
    • Display name - Enter a name for the attribute.
    • Variable name - Enter the Reference for the attribute in Omni. In our example, this would be blob_entity.
    • Enum - If the Omni attribute can have multiple values, check this box and use the fields that display to add the possible values.
  6. Omni doesn't require a specific configuration for the remaining fields; feel free to define them as needed.
  7. When finished, click Save.
2.2. Define attribute values

After you create the attribute, open the profile of each user assigned to the Omni application and define a value for the attribute. Refer to the Okta documentation if you need a refresher on how to do this.

3. Create an Omni application attribute

  1. In Okta, navigate to Directory > Profile Editor.
  2. Click the Omni application.
  3. Click Add Attribute.
  4. Fill in the attribute fields as follows:
    • Data type - Select the Type the attribute has in Omni. For example, if the attribute has a Type of string in Omni, you'd select string.
    • Display name - Enter a name for the attribute.
    • Variable name - Enter the Reference for the attribute in Omni. In our example, this would be blob_entity.
    • External name - This will auto-populate based on the Variable name
    • External namespace - Copy and paste the following into this field: 
      urn:omni:params:1.0:UserAttribute
      This value must be this exact string - don't change the UserAttribute.
    • Enum - If the Omni attribute can have multiple values, check this box and use the fields that display to add the possible values.
  5. Click Save.

4. Map the user & application attributes

The last step is to map the Okta profile attribute to the Omni application attribute.

  1. In the profile editor for the Omni application, click the Mappings button:

  2. In the dialog that displays, toggle the view to Okta User to Omni Analytics:

  3. Use the dropdowns to map the attributes to each other. In our example, the user.blobEntity attribute on the Omni user profile side is mapped to the blobEntity attribute on the Omni Analytics User Profile side.

  4. Use the arrows in the middle of the dialog to set the attribute to Apply mapping on user create and update:

  5. When finished, click Save Mappings.

What's next?

At this point, there are two things left:

  • Syncing the attributes to Omni. You can do this by:

    • Waiting for Okta to perform the next automatic sync, or
    • Forcing a manual sync. Open the Okta Omni application, click the Provisioning tab, and scroll down to the Attributes section. Click the Force Sync button to trigger a sync.

  • Defining attribute values. When you do this, use the user profile attribute you created in Okta in step 2. The mapping between this attribute and the one in the Okta Omni application will allow the value to flow through to your Omni instance.

    If you need a refresher on how to do this, refer to the Okta documentation.