Okta <->SCIM Bridge attribute mapping details
Hi All,
I recently implemented a SCIM Bridge for integrating Okta & 1Pass and while the docs got me most of the way there, there is missing info thats vital to know specifically around attribute mapping.
Based on the 1Pass Docs (https://support.1password.com/scim-okta/) there is some details about the attribute mapping towards the bottom regarding default values in the Okta 1Pass SCIM integration that comes as a built-in integration in Okta. While this info is helpful, at the end of the day there is missing info in this Doc that will prevent a SCIM bridge from working successfully. I also did a quick search here in the community but did not find anything related to what we were seeing.
So I followed the Docs: Setup a GCP container, deployed 1Pass app, configured Okta integration. All went well, except when we went to actually assign a user to 1Pass in Okta, we would get '400 Bad Request' with the specific error 'displayName cannot be empty without first or last names'. Now, one would think that with the default attributes setup as the doc described (firstName & lastName) that the SCIM would just combine these values if 'displayName' is not directly provided by the Okta API call however this is not true.
To fix this issue we had to create a custom attribute mapping in the app for 'displayName' to be pushed from Okta to 1P. After manually doing this the SCIM worked perfectly.
1Password: Please update your docs!! It appears that 1Pass docs around attribute mapping are non-existent as a whole. A simple paragraph would have saved lots of troubleshooting and time on my end. Don't be that guy 1Password. Take 5 minutes and update your docs.
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided
