Overview
This article demonstrates how to change an Okta SAML user's username in the Sonatype Nexus Repository.
1.) Before making changes, ensure that you have successfully configured Okta SAML integration with the Sonatype Nexus Repository by following: Okta SAML integration with the Sonatype Platform
2.) If you need to change multiple users, test the process with a single user first. Additionally, please make a list of the original usernames, as they will be needed later.
Steps
1. Update Okta configuration
Okta allows you to configure the "Application Username" during SAML integration.
You can change an Okta user's username on the user's profile page.
However, the changed username is not synced to the application automatically. (Okta may have a job that can do this, but please consult the Okta support team.)
To update the username on the application side, there are two options:
1.1. Update an individual user's username
Go to Applications -> Applications -> click the application -> go to the Assignments tab -> find the user -> click the edit icon.
You can see that the username here is still the original username.
You can change it manually or click "Reset".
1.2. Update multiple users' usernames
You can follow the method above to update each user's application username one by one, or
go to Applications -> Applications -> click the application -> go to the Sign On tab -> click the Update Now button.
2. Delete the Original SAML Users in the Sonatype Nexus Repository
After updating usernames in Okta, users will see their new usernames upon logging into Nexus Repository. However, the original usernames will still exist in the system. You must remove them manually.
2.1 Delete Users Via the Nexus UI
- Log in to Nexus Repository as an admin user.
- Navigate to Administration → Security → Users → Choose Source: SAML
- Locate and delete the original users.
2.2 Delete Users via API
Alternatively, you can remove users using the Nexus API (Administration -> System -> API -> Security management: users -> Delete). For example:
curl -u admin:admin123 -X 'DELETE' 'http://localhost:8081/service/rest/v1/security/users/afterchange%40example.com?realm=SamlRealm'
Ensure you include realm=SamlRealm in the request.
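The API call above applied to the whole list of original usernames recorded before the change, as an added example that is not part of the original article or Sonatype's tooling. The variables NEXUS_URL, NEXUS_NETRC and DRY_RUN, the netrc path and the sample usernames are assumptions made for illustration; the script defaults to a dry run that only prints the requests.

```sh
#!/bin/sh
# Added example: bulk-delete the original SAML users listed one per line on stdin.
# Assumed names (not from the article): NEXUS_URL, NEXUS_NETRC, DRY_RUN, sample users.
NEXUS_URL="${NEXUS_URL:-http://localhost:8081}"
NEXUS_NETRC="${NEXUS_NETRC:-$HOME/.netrc-nexus}"  # admin credentials kept off the command line
DRY_RUN="${DRY_RUN:-1}"                           # 1 = print requests only, 0 = send them

# Percent-encode every byte outside the RFC 3986 unreserved set (@ becomes %40).
urlencode() (
  LC_ALL=C; s=$1; out=
  while [ -n "$s" ]; do
    rest=${s#?}; c=${s%"$rest"}; s=$rest
    case $c in
      [a-zA-Z0-9.~_-]) out=$out$c ;;
      *) out=$out$(printf '%%%02X' "'$c") ;;
    esac
  done
  printf '%s' "$out"
)

# Build the DELETE URL from the article, always scoped to the SAML realm.
delete_url() {
  printf '%s/service/rest/v1/security/users/%s?realm=SamlRealm' \
    "$NEXUS_URL" "$(urlencode "$1")"
}

# Read usernames from stdin; skip blank lines and # comments; report per-user status.
delete_users() {
  rc=0
  while IFS= read -r user || [ -n "$user" ]; do
    case $user in ''|'#'*) continue ;; esac
    url=$(delete_url "$user")
    if [ "$DRY_RUN" = 1 ]; then
      echo "DRY-RUN DELETE $url"
    else
      code=$(curl -sS -o /dev/null -w '%{http_code}' --netrc-file "$NEXUS_NETRC" \
        -X DELETE "$url" </dev/null) || code=000
      echo "$code $user"
      case $code in 2??) ;; *) rc=1 ;; esac
    fi
  done
  return "$rc"
}

# Constructed sample list standing in for the original usernames recorded beforehand.
delete_users <<'EOF'
# original usernames, one per line
beforechange@example.com
old.user+sso@example.com
EOF
```

To run it for real, replace the sample list with your own file (`delete_users < original-usernames.txt`), review the dry-run output, then set DRY_RUN=0.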