I’m having trouble with a SAML IDP setup in my Okta dev account.
I can log in fine with a user that exists in both Okta and the IDP, but when I try to log in with a new user from the IDP that is not in Okta, the JIT user provisioning always fails.
It shows errors in the dashboard saying “Create okta user failure”
and
user.lifecycle.create (id: unknown)
I’ve tried playing with the profile mappings, but nothing seems to work. I don’t know why it says the id is unknown, when it is able to find and log the id from the SAML response.
Can you please check that firstName, lastName and email are sent in the assertion from the identity provider and mapped correctly in order for the user to be created in Okta?
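One way to run the check suggested in the reply above, as an added example that is not part of the original thread: decode a captured `SAMLResponse` form value and list which of the three attributes are absent or empty. The attribute names `firstName`, `lastName` and `email`, the helper names and the sample response are assumptions constructed for illustration; use the names your IdP actually sends.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Assumed attribute names; adjust to what your IdP sends and your mapping reads.
REQUIRED = ("firstName", "lastName", "email")


def assertion_attributes(saml_response_b64):
    """Return {attribute name: [values]} from a base64 SAMLResponse (HTTP-POST binding).

    Inspection only: this does not verify the signature or any conditions.
    """
    xml = base64.b64decode(saml_response_b64)
    if b"<!DOCTYPE" in xml:
        # A SAML message has no reason to carry a DTD; do not parse one.
        raise ValueError("DTD in SAML response; refusing to parse")
    root = ET.fromstring(xml)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [(v.text or "").strip()
                  for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs[attr.get("Name")] = values
    return attrs


def missing_for_jit(attrs, required=REQUIRED):
    """Names that are absent from the assertion or carry only empty values."""
    return [name for name in required if not any(attrs.get(name, []))]


# Constructed sample: firstName present, lastName empty, email not sent at all.
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion>
    <saml:Subject><saml:NameID>ada@example.com</saml:NameID></saml:Subject>
    <saml:AttributeStatement>
      <saml:Attribute Name="firstName">
        <saml:AttributeValue>Ada</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute Name="lastName"><saml:AttributeValue/></saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()

if __name__ == "__main__":
    found = assertion_attributes(SAMPLE_B64)
    print("attributes:", found)
    print("missing or empty:", missing_for_jit(found))
```

Attribute names are case-sensitive, so a response that sends `FirstName` or a URI-style name shows up here as missing `firstName`.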