Adding/Mapping Additional Attributes
Okta does not push over some user attributes that admins may want synced into Forcepoint ONE SSE. For these attributes (secondary email, mobile phone number, and manager), admins will need to add them to the SCIM app created in Okta and map them.
Steps
- Under the Okta SCIM application you created, select the Provisioning tab and make sure you are selected To App tab in the Settings column on the left. Scroll down below the API options to the Attribute Mapping section and select Go to Profile Editor.
-
Add the attributes to the list. Click Add Attribute and then fill out the new dialog window with the information below for each of the attributes you wish
to add.
Mobile Phone NumberSecondary Email
Variable Value Display name Mobile Phone Variable Name mobilePhone External name phoneNumbers.^[type==mobile].value External namespace urn:ietf:params:scim:schemas:core:2.0:User ManagerVariable Value Display name Secondary Email Variable Name secondaryEmail External name emails.^[type==other].value External namespace urn:ietf:params:scim:schemas:core:2.0:User Variable Value Display name manager Variable Name managerValue External name manager.value External namespace urn:ietf:params:scim:schemas:core:2.0:User -
Once you have added the attributes above, click on the Mappings button. At the top of the new window, click Okta User to (Name of your SCIM
app).
-
Scroll to the bottom and you should see blank fields representing the number of attributes you added but have not been mapped yet. Select each attribute from the dropdown and then
click Save Mappings at the bottom.
Now, when Okta provisions the users into Forcepoint ONE SSE, it will also includes these additional attributes you have added/mapped.