FAQs: SCIM
Why are Genesys Cloud user records unexpectedly changed after an update to Microsoft Entra ID?
Occasionally when Microsoft Entra ID is updated, Microsoft also updates the Genesys Cloud for Azure user provisioning app. As a result, unexpected changes may be made to Genesys Cloud user records. In some cases, these changes may affect the ability of your users to work in Genesys Cloud.
Identify the scope of changes
Start by reviewing Microsoft’s audit logs for Microsoft Entra ID:
- For general information about the types of logs available, see Audit logs in Microsoft Entra ID.
- To see what data was sent to Genesys Cloud as part of a provisioning operation, view the provisioning logs in Microsoft Entra ID.
- Use the Genesys Cloud audit log viewerto review certain changes made by the Microsoft Entra ID provisioning app.
- For more information about all of the data that is captured in the Genesys Cloud audit log, see Action Catalog.
Fix incorrect attribute mappings
Does Genesys Cloud SCIM sync information from Genesys Cloud to identity management systems?
No. Genesys Cloud currently only supports unidirectional syncing from identity management systems to Genesys Cloud. Any changes made in Genesys Cloud will not be synced to the identity management systems and may be overwritten during the next sync from identity management systems to Genesys Cloud. Whether attributes changed in Genesys Cloud are overwritten during a sync depends on if the attributes are mapped in the identity management systems.
For example, let’s assume that you map the department attribute in your identity management system to an attribute in Genesys Cloud but you do not map the mobile number attribute.
- You update the department in your identity management system. This change causes your identity management system to sync user data to Genesys Cloud. If you previously changed other user data in Genesys Cloud that is mapped in your identity management system, then the sync overwrites those changes in Genesys Cloud.
- You update the mobile number in your identity management system. This change does not cause your identity management system to overwrite the mobile number in Genesys Cloud.
| Attribute | Location where attribute changed | Result |
|---|---|---|
| Mapped (department) | Identity management system | Identity management system syncs user data to Genesys Cloud. Overwrites the attribute in Genesys Cloud. |
| Genesys Cloud | At some point, identity management system overwrites this attribute in Genesys Cloud. | |
| Unmapped (mobile) | Identity management system | Identity management system does not overwrite the attribute in Genesys Cloud. |
| Genesys Cloud | No change occurs to the attribute in the identity management system. Does not overwrite the attribute in Genesys Cloud. |
For information about Genesys Cloud SCIM (Identity Management), see About Genesys Cloud SCIM (Identity Management) and Genesys Cloud SCIM (Identity Management) overview (Genesys Cloud Developer Center).
What happens if I unassign a user from the Genesys Cloud application in Okta?
When you unassign a user from the Genesys Cloud application in Okta, Okta changes the status of the user to inactive. The user in Genesys Cloud retains assigned roles if the user is reactivated. Both inactive and deleted users cannot access your Genesys Cloud organization. Genesys recommends deleting inactive users in Genesys Cloud to complete the process.
For information about Genesys Cloud SCIM (Identity Management), see About Genesys Cloud SCIM (Identity Management) and Genesys Cloud SCIM (Identity Management) overview (Genesys Cloud Developer Center).
What happens when I delete a user in Genesys Cloud and later reenable the user in Okta?
When you delete a user in Genesys Cloud and later reenable the user in Okta, Genesys Cloud changes the user’s status to Active. However, unlike when you create a new user, Genesys Cloud does not automatically restore the default employee role or any manually added roles to the reactivated user. You must manually reassign roles to the user in Genesys Cloud or use Push Groups in Okta. Genesys recommends that you assign roles to a group in Genesys Cloud and then add the user to the group in Okta.
For information about Genesys Cloud SCIM (Identity Management), see About Genesys Cloud SCIM (Identity Management) and Genesys Cloud SCIM (Identity Management) overview (Genesys Cloud Developer Center).
Can I use something besides first name plus last name for full name?
Yes, you can! The Genesys Cloud application in Okta uses first name plus last name by default: String.join(” “, user.firstName, user.lastName). But you can change the order or what fields appear by modifying the displayName attribute under Genesys Cloud Attribute Mappings. For more information, see Okta Expression Language in the Okta documentation.
For information about Genesys Cloud SCIM (Identity Management), see About Genesys Cloud SCIM (Identity Management) and Genesys Cloud SCIM (Identity Management) overview (Genesys Cloud Developer Center).
Can I import users from Genesys Cloud into Okta?
Unfortunately, no, you cannot import users from Genesys Cloud into Okta. Okta contains separate field names for family names and given names, both of which are required. Genesys Cloud does not separate names into two fields.
For information about Genesys Cloud SCIM (Identity Management), see About Genesys Cloud SCIM (Identity Management) and Genesys Cloud SCIM (Identity Management) overview (Genesys Cloud Developer Center).
What causes Genesys Cloud to change the status of a Microsoft Entra ID user to inactive or to delete a user?
Genesys Cloud changes the status of a Microsoft Entra ID user to inactive or deletes a user in Genesys Cloud based on input from Microsoft Entra ID.
If you remove a user from the app scope or you soft delete a user in Microsoft Entra ID, then Microsoft Entra ID notifies Genesys Cloud to change the user’s status to inactive. When you hard delete a user in Microsoft Entra ID or Microsoft Entra ID hard deletes a user based on a maintenance schedule (currently 30 days after removal or soft-delete), Microsoft Entra ID notifies Genesys Cloud to delete the user.
For more information about how Microsoft Entra ID treats deactivation or deletion of users, see How provisioning works in the Microsoft Entra ID documentation.
For information about Genesys Cloud SCIM (Identity Management), see About Genesys Cloud SCIM (Identity Management) and Genesys Cloud SCIM (Identity Management) overview (Genesys Cloud Developer Center).