How to Map email_verified Through SCIM Provisioning in OIDC Connections

kristi.davis · July 11, 2025, 6:49pm

Overview

This article describes how to map the email_verified attribute for users provisioned via SCIM when using an OIDC or Okta Workforce connection.

Applies To

SCIM
email_verified
OIDC
Okta Workforce

Solution

The email_verified attribute is not included in the SCIM schema defined in RFC 7643 and therefore cannot be mapped directly during SCIM. However, this attribute is a default claim for OIDC, so SCIM can be combined with syncing user profile attributes at login to achieve the desired result.

Topic		Replies	Views
Add custom SCIM attribute in Inbound SCIM connection Get Help connections , oidc-enterprise-connection	3	93	April 1, 2025
When SCIM enabled on an OKTA Workforce Enterprise connection app_metadata is deleted rather than merged after an update Get Help connections , saml-enterprise-connection	1	93	March 28, 2025
User Attributes Lost after Login for a SCIM-Enabled Enterprise Connection Knowledge Articles	1	10	May 7, 2025
OIDC enterprise connection claim mapping Get Help	4	5223	September 19, 2019
How to Map 'email_verified' Attribute from AD/LDAP Connector Knowledge Articles ad-ldap-connector , email-verified	1	310	March 26, 2024

How to Map email_verified Through SCIM Provisioning in OIDC Connections

Overview

Applies To

Solution

Related References

Related topics