Provisioning Users with JIT

You can provision user access to Threat Command with SAML Just in Time (JIT) from your single sign-on (SSO) provider. The service is available for Azure AD and Okta SSO.

When using JIT to provision users, the following apply to those users:

  • Logging in to Threat Command is done from the SSO application, not through the Threat Command login.
  • The user does not have a Threat Command password.
  • Deleting a user from the SSO application does not delete them from Threat Command.
  • A user deleted from the SSO application cannot Log in to Threat Command (as they have no password). You can manually delete that user from Threat Command.
  • Users are assigned the same time zone as the account.
  • To change the time zone or make other changes to user settings (notifications, etc.) use the Threat Command Settings > Users  page.
  • Users have a notation in their user card that their user was provisioned by SAML JIT.

For more information on configuring SSO and user provisioning, see these sections: