I have users that use the OKTA Enterprise Connection to log in to certain applications. I need to populate the user token with the OKTA Groups that user is assigned to. When they change, I expect they would change in Auth0. So I am following the accepted solution provided here: Get/map claims from Okta - Enterprise Connection.
The solution requires, in a login action, getting the user's IdP access token from the Management API and calling the Okta user info endpoint. The issue is that when I call get user in the Management API, no access token is provided in the response. My JWT token contains the scopes read:users, read:user_idp_tokens.
According to the documentation, that should be all that is needed to get the user's IdP access token. Why is it that when I call /api/v2/users/{user id}, no IdP access token is returned?
I was able to set up an Okta connection and tested it to get the IdP access tokens. After a request to the get user endpoint with the appropriate token and scopes, I see the Okta access token in the identities array.
Thank you for the reply. I noticed that I had switched the user mapping to the OKTA template and that seemed to be removing it. When I created a new connection and used the default mapping it came across.
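A diagnostic sketch for the situation discussed in this thread, added as an example and not code from any poster or from Auth0: it checks the Management API token's scopes and then looks for `access_token` in the `identities` array of the get-user response. The connection name `okta-enterprise`, the helper names and all sample data are constructed assumptions.

```javascript
// Decode a JWT payload WITHOUT verifying the signature.
// Diagnostics only: never base an authorization decision on this.
function decodeJwtPayload(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Explain why the IdP access token is or is not available.
// Returns { ok: true, token } or { ok: false, reason }.
function findIdpAccessToken(mgmtApiJwt, user, connectionName) {
  const scopes = String(decodeJwtPayload(mgmtApiJwt).scope || '').split(/\s+/);
  for (const needed of ['read:users', 'read:user_idp_tokens']) {
    if (!scopes.includes(needed)) {
      return { ok: false, reason: `missing scope ${needed}` };
    }
  }
  const identity = (user.identities || []).find(
    (i) => i.connection === connectionName
  );
  if (!identity) {
    return { ok: false, reason: `no identity for connection ${connectionName}` };
  }
  if (!identity.access_token) {
    // Scopes are fine, so the cause is on the connection side; in this
    // thread it turned out to be the connection's user mapping.
    return { ok: false, reason: 'identity has no access_token; review the connection user mapping' };
  }
  return { ok: true, token: identity.access_token };
}

// --- Constructed sample data (not real tokens or users) ---
function fakeJwt(payload) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${enc({ alg: 'none' })}.${enc(payload)}.constructed-signature`;
}
const goodJwt = fakeJwt({ scope: 'read:users read:user_idp_tokens' });
const weakJwt = fakeJwt({ scope: 'read:users' });
const baseIdentity = { provider: 'okta', connection: 'okta-enterprise', user_id: 'constructed-id', isSocial: false };
const userWithToken = { identities: [{ ...baseIdentity, access_token: 'constructed-idp-token' }] };
const userWithoutToken = { identities: [{ ...baseIdentity }] };

// Print only the outcome and reason, never the token itself.
for (const [jwt, user] of [[goodJwt, userWithToken], [weakJwt, userWithToken], [goodJwt, userWithoutToken]]) {
  const r = findIdpAccessToken(jwt, user, 'okta-enterprise');
  console.log(r.ok ? 'token present' : `token absent: ${r.reason}`);
}
```
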