• Home
  • Ideas
  • JIT provisioning for new users via Okta / SAML

JIT provisioning for new users via Okta / SAML

Related products: PX Admin & Security

All for new users to be created in Gainsight PX via Okta / SAML, and allow privileges to be set through Okta at the time a user is created.  

@erickinfoblox redirecting this to product. 

Just in time provisioning would be a great enhancement for the SSO connector.  For example, we use this feature with Zendesk and accounts are provisioned when the users login for the first time.  It saves administrators from having to create the accounts each time, as well as deactivating them.  OneLogin is our SSO provider.

@seth  - there is a similar topic/idea published here.  Can these be combined as JIT/SCIM is widely used by many of the common iDP’s (Okta, AAD, Google, etc)?   

 

The following idea has been merged into this idea:

All the votes have been transferred into this idea.
No StatusAcknowledged
The following idea has been merged into this idea:

 All the votes have been transferred into this idea.

 

Thanks for pointing the duplicate Idea @rterakedis, merged that one into this (as this egg came earlier)

@anirbandutta - is there any update on this?  Our internal Security team is making a big push for internal tooling to adopt automated user/role provisioning.   I would like to add that SCIM is only *half* the equation of getting users access.   Once the user is added to PX, there also needs to be a method of controlling what Role/Permissions they get.   We don’t want new users given a default role of full admin.

If the role is not added from Okta, perhaps the default role can be Viewer.

@anirbandutta - any update on this?   

 

Also, there’s another similar idea gaining votes that you may want to merge here:   

 

Terms & ConditionsCookie settings