Setting up Just-in-Time provisioning for SAML SSO

For partners subscribed to Enterprise plans.


If you are using SAML (Security Assertion Markup Language) SSO with an identity provider supporting SAML 2.0, your configuration may be further customized to allow for Just-in-Time provisioning. This allows you to have IT Glue users created automatically the first time they access IT Glue using single sign-on (SSO).

How it works

Just-in-Time provisioning works with your SAML identity provider to pass key identifying information to the connected application using SAML 2.0. In IT Glue, this is the email address used to authenticate with the SAML identity provider.



  1. Under Enable SAML SSO, set Auto-Provision IT Glue Users to On, and choose a Role to be assigned to all new users created through Just-in-Time provisioning. You can also assign these users to security groups and grant organizational access.


  2. Click Save.

Common Questions

Do automatically provisioned users count towards my license usage?

All non-Lite users provisioned using Just-in-Time provisioning count towards your paid license usage.

Can I de-provision users through my SAML identity provider?

User de-provisioning is not supported through the SAML application. Please see our Adding and removing users KB article for more information on managing users.

Was this article helpful?
1 out of 1 found this helpful
Have more questions? Contact us