Provisioning of Factors
This section provides details on adding factors to the user and removing factors from the user.
Adding Factors to the User
The Add Factor to User operation in IdentityIQ is bound to the Enroll Multi-Factors operation in Okta.
To provision or add factors in Okta, the complete JSON body of factors must be passed in the provisioning plan. To pass additional query parameters with the Add Factor operation, an additional attribute request must be added with the attribute request name in the following format:
factor.<factorType>.<provider>.queryParams
For example, to send a query parameter for the factor type sms, the attribute request name is as follows:
<AttributeRequest name="factor.sms.OKTA.queryParams" op="Add" value="updatePhone=true&amp;activate=true" />
Note
For every factor, a separate attribute request must be added for additional query parameters.
The following is an example of a provisioning plan to provision factors:
<ProvisioningPlan>
  <AccountRequest op="Modify">
    <AttributeRequest name="factors" op="Add">
      <Value>
        <List>
          <String>{ "factorType": "push", "provider": "OKTA" }</String>
          <String>{ "factorType": "token:software:totp", "provider": "GOOGLE" }</String>
          <String>{ "factorType": "sms", "provider": "OKTA", "profile": { "phoneNumber": "<provide phone number>" } }</String>
        </List>
      </Value>
    </AttributeRequest>
    <AttributeRequest name="factor.sms.OKTA.queryParams" op="Add" value="updatePhone=true&amp;activate=true" />
  </AccountRequest>
</ProvisioningPlan>
Note
For more information on the JSON body of different factors, refer to the Okta API Documentation.
Removing Factors from the User
The Remove Factor from User operation in IdentityIQ is bound to the Reset Factor operation in Okta.
To remove or reset factors, the value of the attribute request must be sent in the following format:
<factorType>.<provider>
For example, to remove the factor type sms, the attribute request is as follows:
<AttributeRequest name="factors" op="Remove" value="sms.OKTA" />
The following is an example of the provisioning plan to remove factors:
<ProvisioningPlan>
  <AccountRequest op="Modify">
    <AttributeRequest name="factors" op="Remove" value="sms.OKTA" />
  </AccountRequest>
</ProvisioningPlan>
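The following added example (not part of the original documentation or of the IdentityIQ product) generates the add and remove plans described in the two sections above, so that the factor JSON and the query string are XML-escaped by the serializer and a queryParams attribute request is only emitted for a factor that is actually in the plan. The function names and the phone number are assumptions made for illustration.

```python
import json
import xml.etree.ElementTree as ET
from urllib.parse import urlencode


def build_add_factors_plan(factors, query_params=None):
    """Return plan XML enrolling `factors` (a list of factor JSON bodies as dicts).

    `query_params` maps (factorType, provider) to a dict of query parameters.
    """
    query_params = query_params or {}
    enrolled = {(f["factorType"], f["provider"]) for f in factors}
    unknown = set(query_params) - enrolled
    if unknown:
        raise ValueError(f"query parameters for factors not in the plan: {sorted(unknown)}")

    plan = ET.Element("ProvisioningPlan")
    account = ET.SubElement(plan, "AccountRequest", op="Modify")
    request = ET.SubElement(account, "AttributeRequest", name="factors", op="Add")
    values = ET.SubElement(ET.SubElement(request, "Value"), "List")
    for factor in factors:
        ET.SubElement(values, "String").text = json.dumps(factor)
    # One separate attribute request per factor that needs query parameters.
    for (factor_type, provider), params in query_params.items():
        ET.SubElement(account, "AttributeRequest",
                      name=f"factor.{factor_type}.{provider}.queryParams",
                      op="Add", value=urlencode(params))
    # The serializer writes "&" inside the attribute value as "&amp;".
    return ET.tostring(plan, encoding="unicode")


def build_remove_factor_plan(factor_type, provider):
    """Return plan XML resetting one factor, value format <factorType>.<provider>."""
    plan = ET.Element("ProvisioningPlan")
    account = ET.SubElement(plan, "AccountRequest", op="Modify")
    ET.SubElement(account, "AttributeRequest", name="factors", op="Remove",
                  value=f"{factor_type}.{provider}")
    return ET.tostring(plan, encoding="unicode")


if __name__ == "__main__":
    # Constructed sample input; the phone number is a placeholder.
    sample = [
        {"factorType": "push", "provider": "OKTA"},
        {"factorType": "sms", "provider": "OKTA",
         "profile": {"phoneNumber": "+1-555-0100"}},
    ]
    sms_params = {("sms", "OKTA"): {"updatePhone": "true", "activate": "true"}}
    print(build_add_factors_plan(sample, sms_params))
    print(build_remove_factor_plan("sms", "OKTA"))
```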