Restricting Applications/Service Clients from updating certain user profile attribute

We were not able to find a way to restrict applications/service clients from updating certain user profile attributes. So we are building a wrapper on top of Okta API which will check the applications request and their ownership on the User Profile attribute.

In our Organization we have different applications who contribute to Okta User Profile.
Application 1 : Can update only Names, Phone, Email , Address
Application 2: Can update Country of employment , Company Name etc.
We don’t want Application 2 to update Names, Phone or Email.


  1. Is wrapper necessary ? Does Okta provide a way to control actions on user profile attributes at application level

@gpushp Hi, not sure how you would like to restrict the attributes.
Okta has app user profile.

let me look into this and test few scenarios. I update my question

No it wont work in our case. I updated my question with more detailed explanation