Hello,
I am working on migrating user accounts from our system to okta but using the password import hook. We have a use case to associate an ID from our system to the user account being created in okta for cross-reference. But I don’t see any option to pass this ID back to okta via the password hook response. Is there a way to accomplish this via the password import hook response? If not what are the recommended ways to do so? Thanks
Hello,
You wouldn’t use a password hook to update a profile, however before setting up the hook you would important your users into the system with the Create User with Password Import Inline Hook API. If you add a new attribute to the Okta user profile using the profile editor, or you use an existing user attribute, you could specify this ID when the user is created in the system. Just add the ID to attribute it will map to in the user profile for the API call.
Thanks a lot Erik. Is there any other option to import the user in an on demand basis without importing the users to okta first but rather than import only the users that will be signing in and use password import to move their passwords?
Thanks, Vinny for asking it here. I have specific questions related to the above.
There are a number of ways.
If users happen to be in LDAP or AD we have directory integrations with Okta that can do JIT.
Another Option would be a SCIM server.
Okta Social IDPs also are able to do JIT.