Configuring just-in-time provisioning
PingFederate’s just-in-time (JIT) provisioning allows service providers (SPs) to create user accounts on the fly during single sign-on (SSO) events, based on attributes received in SSO tokens from identity providers (IdPs).
About this task
An SP can also use JIT provisioning to update existing user records.
|
This configuration task is presented in the administrative console only when the JIT Provisioning checkbox is selected on the Connection Options tab. |
Steps
-
Go to Authentication > Integration > IdP Connections.
-
Create a new IdP connection or select an existing IdP connection .
-
On the Connection Type tab, select the Browser SSO Profiles checkbox and a protocol from the list.
-
On the Connection Options tab, select the Browser SSO checkbox and then the JIT Provisioning checkbox.
-
Complete the Browser SSO configuration.
-
On the JIT Provisioning tab, click Configure User Provisioning to begin the configuration of JIT provisioning.