I’m using the Java Okta SDK to create and retrieve users from our tenant. The tenant is configured such that the username has no restrictions on its format.
There are multiple special characters that can be created using UserApi / UserBuilder but when retrieved using UserApi.getUser() a 400 (bad request) is thrown.
So far in testing the following special characters can be included in a username but not retrieved:
opening square bracket, closing square bracket, backslash
There are others too but I’ve still got narrow down exactly which they are.
Some questions:
Is there a reason for this behaviour?
Is there a workaround/solution to solve this?
Is there a definitive list of special characters that exhibit this behaviour?
As per our documentation here - When fetching a user by login or login shortname , you should URL encode (opens new window) the request parameter to ensure that special characters are escaped properly. Usernames with a / or ? character can only be fetched by id due to URL issues with escaping the / and ? characters.
For example when making the manual API call we again do mention URL encoding will need to be done, when using special characters.
At the moment there is no definitive list we have of special characters which exhibit this behaviour. Something that will need to be tested.
What special characters are you using in your username? (apart from these which you already mention throw an error during getUser() - \ , [ , ] )
We are using the Java Okta SDK, in particular UserApi / UserBuilder. My understanding (& from testing) is that these classes handle the escape of special characters. I have a test program to test all special characters int the username (create + getUser + delete). All special characters work with the exception of:
LF CR / ; ? [ ] \ horizontal-ellipsis
Provisionally we are using all special characters so it would be good to know which ones are prohibited.