Adding/Mapping Additional Attributes

Okta does not push over some user attributes that admins may want synced into Forcepoint ONE SSE. For these attributes (secondary email, mobile phone number, and manager), admins will need to add them to the SCIM app created in Okta and map them.

Steps

  1. Under the Okta SCIM application you created, select the Provisioning tab and make sure you are selected To App tab in the Settings column on the left. Scroll down below the API options to the Attribute Mapping section and select Go to Profile Editor.
  2. Add the attributes to the list. Click Add Attribute and then fill out the new dialog window with the information below for each of the attributes you wish to add.
    Mobile Phone Number
    Variable Value
    Display name Mobile Phone
    Variable Name mobilePhone
    External name phoneNumbers.^[type==mobile].value
    External namespace urn:ietf:params:scim:schemas:core:2.0:User
    Secondary Email
    Variable Value
    Display name Secondary Email
    Variable Name secondaryEmail
    External name emails.^[type==other].value
    External namespace urn:ietf:params:scim:schemas:core:2.0:User
    Manager
    Variable Value
    Display name manager
    Variable Name managerValue
    External name manager.value
    External namespace urn:ietf:params:scim:schemas:core:2.0:User
  3. Once you have added the attributes above, click on the Mappings button. At the top of the new window, click Okta User to (Name of your SCIM app).




  4. Scroll to the bottom and you should see blank fields representing the number of attributes you added but have not been mapped yet. Select each attribute from the dropdown and then click Save Mappings at the bottom.


    Now, when Okta provisions the users into Forcepoint ONE SSE, it will also includes these additional attributes you have added/mapped.