Configure JIT on Identity Provider to update a dynamic value

Incoming SAML assertion contains an attribute that carries rather a dynamic value (UUID like) every time the user authenticates, JIT is able to store the incoming value into the user profile but only for the first time and never gets updated. Is there a way to force the update to happen?

I’m using the value into a custom claim in ID token and pass it on to the application, but the value it gets is not the latest one.

Any workaround for this?

Thanks, Mohan

As you can see in the Mappings settings for an IdP, it is currently only possible to push attributes from the Identity Provider profile into the Okta User profile during user create, unless the IdP in question is configured as a profile source
Here are the mapping options when the IDP is not a Profile Source:


And here are the same options after I configure this IdP as a Profile Source:

You can enable the Profile Source option when configuring the Identity Provider, as seen here:

1 Like