Please visit our Okta integration overview for any general questions about the integration.

Overview

Persona’s integration with Okta helps to streamline identity verification workflows. By default, Okta sends over a default set of attributes like firstName and lastName when creating the Persona Inquiry. However, if you fetch additional user information for use within the Persona Inquiry, such as a legal name or office location, you can configure an action step in Persona to retrieve that data.

This article walks you through modifying your integration to access and leverage those custom fields.

Add a new action step to your workflow

In the workflow you use to verify your employees identities, you will need to create a new action step to retrieve the custom attributes. Once you have clicked on add new step, you will select Action → Integrations → Okta → Retrieve a user.

Under configuration, you will select Retrieve a user under action, Production under Credential, and trigger.reference_id under id* (this is the Okta Universal Directory ID).

Retrieve user attributes from Okta

Okta custom attributes are typically stored in the profile object of a user record. You can access them using the Get User endpoint. To see a list of custom attributes that can be retrieved by a user, you can refer to this section in Okta’s documentation.

Make sure your integration logic maps the required custom attributes to fields expected by your Persona workflow or template.

Once the action step has been configured, you can test the workflow with a Okta user ID to ensure that the information is retrieved correctly. You will be able to see the results of this API call in the integration logs where you can see the HTTPS response of the API call.

Use the fetched user attributes in Persona

Once you have determined that integration works as expected, you can:

• Create Dynamic Inquiry Flows: Route users through different inquiry templates based on email, userType, or any other custom attribute.
• Tag or Label Accounts: Automatically tag user records in Persona using imported Okta metadata.
• Power Logic in Workflows: Use custom attributes to conditionally trigger actions such as escalations, document collection, or API calls.

Examples of how these additional user attributes can be used in Persona

Some examples of how fetching additional attributes can help enhance the Persona <> Okta integration

• Reduce false failures: By passing over the user’s legal name, you’ll reduce any false failures you encounter today when the user’s preferred name is not the same as the name on their ID
• Verify more information: Verify the user’s birthdate with what’s on their ID to gain a higher level of assurance
• Compare known attributes against passive signals: By sending over attributes like the user’s expected location (or place of work), Persona can compare that with the location as determined by the employee’s IP address and flag if there’s a mismatch.