Provisioning Users with JIT

You can provision user access to Threat Command with SAML Just in Time (JIT) from your single sign-on (SSO) provider. The service is available for Azure AD and Okta SSO.

When using JIT to provision users, the following apply to those users:

Logging in to Threat Command is done from the SSO application, not through the Threat Command login.
The user does not have a Threat Command password.
Deleting a user from the SSO application does not delete them from Threat Command.
A user deleted from the SSO application cannot Log in to Threat Command (as they have no password). You can manually delete that user from Threat Command.
Users are assigned the same time zone as the account.
To change the time zone or make other changes to user settings (notifications, etc.) use the Threat Command Settings > Users page.
Users have a notation in their user card that their user was provisioned by SAML JIT.

For more information on configuring SSO and user provisioning, see these sections:

Did this page help you?

Settings

Enable SP-Initiated User Login

IntSights Extend Browser Extension