Custom Attributes for Users and Groups

Custom Attributes for Users and Groups have been presented in Metric Insights 6.3.4 and allow syncing custom attributes from Okta and will be supported for mi-ldap-usersync and mi-o365-usersync in future releases. Each custom attribute that needs to be synced must be created in MI. All synced custom attributes are displayed on the Info tab of User/Group Editor.

The process comprises the following steps:

Find Values for Custom Attributes Sync

  1. Create a Custom Attribute
  2. Configure Custom Attribute
  3. Run Usersync Script
  4. View Sync Results
Find Values for Custom Attributes Sync

Find Custom User Attributes' Values

  1. Access the People tab
  2. Select a user
  3. Access the Profile tab
  4. Copy the attributes' Variable names (located below the Display names):
    • In this example 2 custom attributes will be synced and additionally mapping_group will be used to map users to groups that match this attribute's value (see Run Usersync Script for details); e.g., the user from the screenshot above will be added to 'Documentation Team from Okta Usersync' group

Find Custom Group Attributes' Values

  1. Access the Groups tab
  2. Select a group
  3. Access the Profile tab
  4. Copy the attribute's Variable name

Note: Use --auto-create all parameter if this group does not exist in MI and should be auto-created.

1. Create a Custom Attribute

  1. Access <MI hostname>/admin/customattributes
  2. [+ Custom Attribute]

2. Configure Custom Attribute

Access the Settings tab

Each Custom Attribute that needs to be synced from Okta must be created in Metric Insights.

  1. Enter a Custom Attribute Name that will be displayed in User or Group Editor
  2. External ID: Enter Variable name of Okta attribute
  3. Optionally, provide a Description that will be displayed on hover in User/Group Editor
  4. Choose whether the attribute is displayed for Users, Groups or both
  5. [Save]

3. Run Usersync Script

Notes:

  • If more than one custom user or group attribute is synced, separate attribute names with commas omitting whitespaces.
  • See Find Values for Custom Attributes Sync for details on where to find custom attributes' values in Okta
  1. Enter custom user attributes that need to be synced using the --custom-user-attribute parameter
  2. Enter custom group attributes that need to be synced using the --custom-group-attribute parameter
  3. Use --map-attr-to-group to select an attribute which will map users to groups based on this attribute's value
    • If the group(s) do not exist in Metric Insights, use --auto-create all to auto-create them in MI
  4. Sync summary is displayed listing all added users and groups

4. View Sync Results

4.1. View Synced Groups

Access Admin > Users & Groups > Groups tab

  1. Click on the added group
  2. Access the Info tab, the synced Custom Group Attributes are displayed at the bottom of the page
  3. Access the Members tab, the synced users are displayed on the Members tab
  4. Click on one of the synced Users

4.2. View Synced Users

Access the Info tab

  1. The synced Custom User Attributes are displayed at the bottom of the page
  2. Access the Group Membership tab
  3. The synced User has been added to a group defined in the --map-attr-to-group parameter