Use this information to troubleshoot some of the common errors that can occur with the Okta and Workspace ONE Access SCIM integration.

  • Error: “Errors reported by remote server: Required user attributes:[DISTINGUISHEDNAME] are missing.”

    Solution: distinguishedName is set as a required attribute in Workspace ONE Access. In the Workspace ONE Access console Settings > User Attributes page, deselect the Required check box for the distinguishedName attribute.

  • Error: “Errors reported by remote server: User creation is not supported for specified directory ID.”

    Solution: You are attempting to create a user in a directory that is not of type Other. Verify that while completing the prerequisites you did not use a domain that is used by another directory. It is possible that the domain was used for Just-in-Time (JIT) users. If so, you must create another directory of type Other with a unique domain.

  • Error: “Errors reported by remote server: User domain name specified for the user resource doesn't belong to the directory.”

    Solution: The domain you configured in the attribute mapping in Okta does not match the domain for the directory created in Workspace ONE Access. Ensure that they match.

  • Error: Automatic provisioning of user <username> to app VMware Workspace ONE failed: Matching user not found.

    Solution: The Create Users and Deactivate Users settings are not enabled in the Provisioning tab of the VMware Workspace ONE app. Go to the Provisioning tab, click Edit, and select the Enable check box for Create Users and Deactivate Users.