Allow username customization for Okta SCIM provisioned users

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Release notes

Problem to solve

The Okta GitLab SCIM App which allows user provisioning from Okta can currently only use the Okta username as the value for user creation on GitLab.com, with no capability to customize it.

In contrast, our SAML implementation allows for the use of the nickname or username attributes to override this, but SCIM is the preferred method for user provisioning so it should be able to do the same.

Further reasoning or use cases can be seen on the SAML implementation issue.

Proposal

The way I see it we we can either:

1. Modify the Okta GitLab SCIM App itself so that Okta admins can set the username attribute to a different directory attribute.

Or

2. Implement and enable a SCIM attribute on the GitLab.com side that allows administrators to customize the SCIM-provisioned users, just the same as the nickname or username attributes on SAML. This may be preferred as this would allow other SCIM IDP Apps (not simply Okta's) to simply add a custom attribute to override the default behavior of the SCIM App.

This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.