Is there an easy way to populate a group in okta based on a users AD group memberships? I can easily do it with group rules if I do “use basic condition” and “group membership includes any of the following” and then manually add the groups. Is there an easier way in group rules using OEL to add users to local okta group if any of their AD groups starts with “app_okta”
Unsure why this doesnt work
user.memberOf(group.startsWith("app_okta"))
You should be able to do that using the following expression
isMemberOfGroupNameStartsWith("app_okta")
Unfortunately you cannot specify the group source type such as Okta or active directory, it applies this to all groups.
As far as why your expression does not work is explained in doc here.
Note: The
Groups.contains,Groups.startsWith, andGroups.endsWithgroup functions are designed to work only with group claims. You can’t use these functions with property mappings.
trying this
user.isMemberOfGroupNameStartsWith("app_okta")
or
isMemberOfGroupNameStartsWith("app_okta")
results in “We found some errors. Please review the form and make corrections.”
the second option does work for me,
isMemberOfGroupNameStartsWith("app_okta")
Not sure whether you have smart quotes which might cause issues.
i scratched that screen and started over and it did work for me too, thanks for the answer
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.