Skip to main content

Handling account attributes

You can view the complete list of attributes that Bravura Security Fabric can manage, including native and pseudo-attributes, using the Manage the system (PSA) module. To do this, select Okta from the Manage the system > Resources > Account attributes > Target system type menu.

For information about the native Okta attributes managed by Bravura Security Fabric , consult your Okta documentation.

Bravura Security Fabric explicitly handles the following attributes and pseudo-attributes when creating or modifying recipient accounts for Okta target systems:

  • email Use email to define the email address of the user. This pseudo-attribute should be mapped to the EMAIL profile and request attribute.

  • login Use email to define the email address of the user. This pseudo-attribute should be mapped to the EMAIL profile and request attribute.

    The EMAIL profile attribute must be included in requests when creating new users and filled in with the new user’s email address since this is also used for their Okta login.

  • _DeleteMode Use _DeleteMode to deactivate an Okta account instead of deleting the account for a delete operation. Configure this account attribute to be set to a specified value on update. Also set the value type to Literal value and the attribute value to Deactivate .

  • ._FACTORS Use _FACTORS to be able to reset the multifactor authentication methods for an Okta user.

    Map this pseudo-attribute to a profile and request attribute and set to a value of CLEARALL for an update in order to remove all of a user’s Okta multifactor authentication methods.

  • firstName Use firstName to define the first name of the user. This pseudo-attribute should be mapped to the FIRST_NAME profile and request attribute.

  • lastName Use lastName to define the last name of the user. This pseudo-attribute should be mapped to the LAST_NAME profile and request attribute.

  • middleName Use middleName to define the middle name of the user. This pseudo-attribute should be mapped to the OTHER_NAME profile and request attribute.

See the Bravura Security Fabric configuration documentation for more information.

In this section: