hashicorp / vault

A tool for secrets management, encryption as a service, and privileged access management
https://www.vaultproject.io/

Case insensitive username - Okta auth #9124

Open erickufrin-okta opened 4 years ago

erickufrin-okta commented 4 years ago

Describe the bug

When authenticating via the Okta API plugin, the username is apparently case sensitive. Unlike the LDAP plugin, there is no flag for the Okta plugin.

User authentication fails because end users don't know their username may be in ALL CAPS in Okta. Unfortunately some users in Okta have lower and some have UPPER. When a user auth fails we always ask first "try username in ALL CAPS" and 99% of the time this gets them in. 99% of all our logon failures are because of this.

Expected behavior

Case insensitive username

Environment: Vault Enterprise 1.3.x (latest), Okta API auth

cognifloyd commented 10 months ago

I have users that sometimes log in with upper case, and sometimes with lower case, so they end up with duplicate entities in Vault. That makes looking up entities by alias difficult (which case did they use to log in?), and it makes getting an accurate user count difficult.

I would love a way to standardize the name used in the entity aliases created by the okta auth backend.

I'm currently using Vault 1.12.x.
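An audit for the duplicate-alias problem described in the comments above, as an added example that is not part of the issue thread or of Vault's own code: it groups entity aliases per auth mount by case-folded name to find logins that differ only in case and to get a case-insensitive user count. The input shape (a `key_info` map with `name`, `mount_accessor` and `canonical_id` per alias, as returned when listing `identity/entity-alias/id`) is an assumption, and every ID and name in the sample is constructed.

```python
import json
from collections import defaultdict

# Constructed sample in the assumed shape of the "key_info" map returned when
# listing identity/entity-alias/id. All IDs, accessors and names are made up.
SAMPLE_KEY_INFO = json.loads("""
{
  "alias-0001": {"name": "JDOE@example.com",   "mount_accessor": "auth_okta_aaaa", "canonical_id": "entity-01"},
  "alias-0002": {"name": "jdoe@example.com",   "mount_accessor": "auth_okta_aaaa", "canonical_id": "entity-02"},
  "alias-0003": {"name": "asmith@example.com", "mount_accessor": "auth_okta_aaaa", "canonical_id": "entity-03"},
  "alias-0004": {"name": "ASMITH@example.com", "mount_accessor": "auth_ldap_bbbb", "canonical_id": "entity-03"},
  "alias-0005": {"name": "Jdoe@example.com",   "mount_accessor": "auth_okta_aaaa", "canonical_id": "entity-04"}
}
""")


def _key(info):
    # Aliases are scoped to an auth mount, so the same name on two different
    # mounts is not a duplicate; only case variants within one mount are.
    return (info["mount_accessor"], info["name"].casefold())


def find_case_duplicates(key_info):
    """Return {(mount_accessor, folded_name): [aliases]} for names seen in more than one case."""
    groups = defaultdict(list)
    for alias_id, info in key_info.items():
        groups[_key(info)].append(
            {"alias_id": alias_id, "name": info["name"], "entity": info["canonical_id"]}
        )
    return {
        k: sorted(v, key=lambda a: a["alias_id"])
        for k, v in groups.items()
        if len({a["name"] for a in v}) > 1
    }


def distinct_user_count(key_info):
    """Count users per mount with case differences collapsed."""
    return len({_key(info) for info in key_info.values()})


if __name__ == "__main__":
    for (mount, name), aliases in find_case_duplicates(SAMPLE_KEY_INFO).items():
        entities = sorted({a["entity"] for a in aliases})
        print(f"{mount} {name}: {len(aliases)} aliases across entities {entities}")
    print("raw aliases:", len(SAMPLE_KEY_INFO),
          "case-insensitive users:", distinct_user_count(SAMPLE_KEY_INFO))
```
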