[Use case 1]

Issue: When synchronizing users from AD to Okta, I want to display only the user name on Okta

Solution: Use Expression Language that removes the part after @ and displays only the user name

Expression Language: String.substringBefore(appuser.userName, "@")

【Setting method】

1. From the Okta admin screen, go to Directory Integrations
2. Move to the Provisioning tab and click the Edit button of General of To Okta
3. Change Okta Username format to Custom
4. Enter the Expression Language as shown below (The figure below reflects setting methods 1 to 4)

* If you set it, it will be automatically displayed with only the user name after importing the user.

[Use case 2]

Issue: I want to unify the domain part of the email address when merging companies

Solution: Delete the domain part below @ and add the domain part "@test.local" to the Expression Language

Expression Language: String.substringBefore(appuser.userName, "@") + "@test.local"

This time, we will use the following users.

【Setting method】

1. From the Okta admin screen, go to Directory Integrations
2. Move to the Provisioning tab and click the Edit button of General of To Okta
3. Change Okta Username format to Custom
4. Enter the Expression Language as shown below (The figure below reflects setting methods 1 to 4)

* The domain part of the user name has been changed to "@test.local".

[Use case 3]

Issue: There are email format users and users without @ on Okta, so I want to unify them

解決策：「test@test.local」と「test2」のユーザーがいるので、下記2点を満たすExpression Languageを設定
・test@test.localのユーザーはそのまま
・test２のユーザーに対して、@test.localをユーザー名に追加

Expression Language：
String.stringContains(user.login,"@")?String.substringBefore(user.login,"@")+"@test.local" : user.login + "@test.local"

＊Expression LanguageではIF文を記載することができます。
上記のExpression Languageは、「ユーザー名に@が入っているユーザーに関しては＠以下を@test.localに変更」「ユーザー名に@が入っていないユーザーに関しては、ユーザー名に@test.localを追加」という構文を記載しています。

Expression Languageを用いて、下図のような＠以下がなく、「Expression-demo」となっているユーザーにドメインを追加します。

【Setting method】

• From the Okta admin screen, go to Applications > Applications
• Go to the Sign On tab and click the Edit button in Settings
• Change Application Username format in Credentials Details to Custom
• Enter Expression Language as shown below (The figure below reflects setting methods 1 to 4)

[Use case 4]

Challenge: I want to create a group rule that assigns users whose Department is "Marketing" and ManagerId is "1" (creating a complex group rule)

Solution: Combine attributes to create a rule that adds users to groups where department=Marketing and ManagerId=1

Expression Language: user.department=="Marketing" AND user.managerId=="1"

【Setting method】

1: Go to Directory>People and search for a user

2: Specify Department and ManagerId in the Profile item

3: Go to Directories->Groups->Rules​

4: Select Add Rule​

5: Click Use Okta Expression Language (advanced) in the IF item

6: Describe Expression Language in the item

7: Set the Name and Assign to items and click Save (The figure below shows the state of setting methods 3 to 7)

* Users are actually assigned by group rules.