- Knowledge Base Home
- SSO
- SSO Guidance
-
Getting Started
-
Hubs, Partners & Advisors
-
Task Management
-
Projects & Playbooks
-
Question Based Assessments
-
Requirement Based Assessments
-
Third-Parties/Vendors
-
Trust Portal
-
Registers
-
Issues & Incidents
-
Risk Management
-
Controls
-
Compliance
-
Metrics
-
Reporting
-
Attestations
-
Vulnerabilities
-
Administration
-
SSO
-
Integrations
-
Content Provider
-
Help and Support
Just-in-Time (JIT) Provisioning
The Just-In-Time Provisioning feature enables you to automatically create and update user accounts and role assignments from your Identity Provider (such as Okta or Active Directory). The creation or update is actioned when the user authenticates using Single Sign-On (SSO). This reduces the time spent on manual user management and ensures that your organization's user access is always up-to-date.
JIT Provisioning is enabled by default when using SSO.
Troubleshooting
If you are having trouble getting JIT Provisioning to work, please ensure the following:
- If you are using a Hub and Spoke model, ensure the hub and all spokes have separate SSO applications configured. See SSO Best Practices for Hub & Spoke for more details.
- If you are using an Okta Custom Authorization Server, ensure the Custom Claim has been configured with the correct name, as per Okta SSO Setup instructions.
- If you are on a subscription with a limited number of allowed users, ensure you have not exceeded your allowable user count.