I’m trying to connect Okta to Azure AD, using an OpenID Connect IdP, as described in the following Okta tutorial: https://developer.okta.com/docs/guides/add-an-external-idp/azure/create-an-app-at-idp/
When registering the application in Okta, it’s configured to create a new user (JIT) if no match is found.
The matching settings are the default ones:
I follow the exact steps, and tested the integration URL, as described here:
When executing the Authorization URL, the Microsoft login page is presented, where I enter an AD user.
The user is then correctly validated at the Active Directory, and then redirected to Okta, “executing” the URL callback at: <OKTA_DOMAIN>/oauth2/v1/authorize/callback?code=…&state=…&session_state=…
This redirects to the Redirect URL, but with the following error:
“Unable to process the username transform. A required property is missing. Missing field”
On Okta, the logs seem to indicate that the validation on Active Directory was successful, but it was not possible to create the user, as the Active Directory response did not include the user email:
This seems to be a common situation; there is even a similar problem reported on the Okta support site here: https://support.okta.com/help/s/question/0D51Y00007l60v2/unable-to-process-the-username-transform-a-required-property-is-missing-missing-field-email
Is there anyone that can help? I’ve been on this for a few days without success, even though I’ve followed the exact steps described in the Okta tutorial!!!
Thanks in advance.
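An added diagnostic (example code, not from the post or from Okta) for the situation described above: it decodes the payload of the ID token the IdP returned and reports whether the claim the Okta username transform needs is present, plus which alternative identity claims are there. It assumes the missing field is `email` (as the linked support thread's title suggests) and standard Azure AD claim names such as `preferred_username` and `upn`; the sample token is constructed, not a real Azure AD token.

```python
import base64
import json

# Field the Okta username transform reports as missing in this thread (assumed: "email").
REQUIRED_CLAIMS = ("email",)
# Other identity claims an Azure AD ID token commonly carries (assumption, not from the post).
FALLBACK_CLAIMS = ("preferred_username", "upn")


def _b64url_decode(segment: str) -> bytes:
    # JWT segments drop base64 padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def decode_jwt_claims(token: str) -> dict:
    """Return the payload claims of a compact JWT WITHOUT verifying the signature.
    Inspection only: shows what the IdP sent, never a basis for a trust decision."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return json.loads(_b64url_decode(parts[1]))


def diagnose_username_transform(token: str) -> dict:
    """List the required claims that are absent (the cause of the
    'Missing field' error) and the identity claims that are present."""
    claims = decode_jwt_claims(token)
    missing = [c for c in REQUIRED_CLAIMS if not claims.get(c)]
    fallbacks = {c: claims[c] for c in FALLBACK_CLAIMS if claims.get(c)}
    return {"ok": not missing, "missing": missing, "fallbacks": fallbacks}


def make_sample_token(claims: dict) -> str:
    """Build an unsigned sample token (constructed test data only)."""
    header = _b64url_encode(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(claims).encode())
    return f"{header}.{payload}."


# Constructed sample: the user was validated, but no "email" claim came back.
SAMPLE_NO_EMAIL = make_sample_token(
    {"sub": "abc123", "name": "Sample User", "preferred_username": "sample.user@example.com"}
)

if __name__ == "__main__":
    print(diagnose_username_transform(SAMPLE_NO_EMAIL))
```

Paste the real `id_token` from the callback in place of the sample to see whether `email` is actually absent, which tells you whether to fix the claim on the Azure AD side or point the Okta username transform at a claim that is present.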