Just-in-Time (JIT) provisioning is an emerging IT automation strategy that allows admins to configure connections between their identity provider and SaaS app service providers, provision users to those apps, and enable access without manually creating individual application accounts. In this post, we’ll explain how it works and give you a checklist you can use to decide whether your organization would benefit from JIT provisioning.
Just-in-Time Provisioning Explained
JIT provisioning is a method of creating user accounts in SaaS apps. The process works like this: An admin needs to configure a single sign-on (SSO) connection between the identity provider and the SaaS provider. Different service providers require different user attributes (and/or refer to them by different names) for account creation, which is why up-front configuration is required to map the correct attributes between the identity and service providers.
Once the admin has configured a connection, though, they can create a user in the identity provider with all their needed attributes, enable user access to the apps they require to do their jobs, and then prompt users to access those apps — all without opening the apps themselves.
Users then trigger the creation of their requisite app accounts the first time they try to log in to those apps through their identity provider’s SSO portal.
JIT Provisioning Workflow
JIT provisioning provides numerous benefits — including saving admins valuable time by offloading repeated data entry to an automated workflow. Beyond the convenience it provides, JIT provisioning also reduces the chance that admins make data entry errors.
If you’re assessing various strategies to implement JIT provisioning, these questions can guide your decision-making:
- Does our identity provider support JIT?
- Can we implement JIT from our identity provider without a service upcharge or another add-on?
- How many SaaS apps is our company using?
- Do the SaaS apps we use support JIT?
- At what intervals do we onboard users?
- Are we planning to scale the company?
The JIT provisioning workflow is particularly beneficial for organizations that regularly add new users or that plan to scale. Manually provisioning one new user to all their apps (Read more…)