Custom Character Restriction - In Username


I might be overlooking something, but I’m trying to configure the Okta profile Username (login) attribute to accept characters from a restricted list, but it seems it doesn’t work.

Below are the details:-

Do you have Self-Service Registration (SSR) enabled for your tenant? This feature will be enabled by default in Developer orgs, but may have been enabled in a preview/production org if desired.

You may be running into an issue where, in order to facilitate users being able self-service register to your org, their login and email address will be set to the same value.

It would explain why you see that the error says the rejected value is, which matches the value you are sending as the user’s email, not their login

I’m also able to reproduce the same thing in a Dev org with SSR enabled and the same validation for the ‘login’ attribute, and after I disabled the feature in that org I am able to make a user with these values successfully.



My SSR was enabled for my dev org. I disabled it and tried creating the user via both postman and the admin console, but no luck.

@andrea - Please, further suggest me. This really sticks to me.

This will still be related to a feature required for SSR (that will still be enabled in your org if you have the option to turn SSR on, but have not done so) that ensures the login and the primary email must match.

I recommend opening a support case to see if you can have this feature disabled in your tenant so that your username validation can work without encountering this behavior.

Hi @andrea, I turned it off in my org.

As you suggested, I will create a support ticket for this.

Thanks for your help. I appreciate it.