Configuring just-in-time provisioning - PingFederate - 11.2

PingFederate Server

bundle
pingfederate-112
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 11.2
category
Administrator
Administratorguide
Audience
Capability
ContentType
DeploymentMethod
Guide
Product
Productdocumentation
SingleSignonSSO
Software
SystemAdministrator
pf-112
pingfederate
ContentType_ce
Guide
Guide > Administrator Guide
Product documentation

PingFederate's just-in-time (JIT) provisioning allows service providers (SPs) to create user accounts on the fly during single sign-on (SSO) events, based on attributes received in SSO tokens from identity providers (IdPs).

An SP can also use JIT provisioning to update existing user records.

Note:

This configuration task is presented in the administrative console only when the JIT Provisioning check box is selected on the Connection Options tab.

Screen capture of the JIT Provisioning tab.
  1. Go to Authentication > Integration > IdP Connections.
  2. Create a new IdP connection or select an existing IdP connection .
  3. On the Connection Type tab, select the Browser SSO Profiles check box and a protocol from the list.
  4. On the Connection Options tab, select the Browser SSO check box and then the JIT Provisioning check box.
  5. Complete the Browser SSO configuration.
  6. On the JIT Provisioning tab, click Configure User Provisioning to begin the configuration of JIT provisioning.