I am a Zivver admin
Configure and manage Zivver
Just-in-time Provisioning for User Accounts
Introduction
The Just-in-time Provisioning solution automates the creation of user accounts in Zivver when users log in using Single Sign-On. This cloud-based solution can eliminate the need for manual account creation in the Webapp or setting up the Synctool for pre-synchronizing accounts from source systems. By leveraging this solution, the deployment can be simplified and adoption of Zivver within your organization can increase.
When a user logs in with Single Sign-On, their Zivver account is automatically created using the information provided by the Single Sign-On application. The user is seamlessly logged into Zivver without any noticeable interruption due to the account creation process.
In addition to using the Webapp or the Synctool for creating functional accounts and managing other account actions, you can also utilize Just-in-time provisioning for user account creation.
Prerequisites
- Your Zivver organization must use Single Sign-On
- Your Identity Provider’s SAML response needs to be ammended with a Zivver Domainkey. For Azure AD and ADFS this should work out of the box
Configuration
Please contact support@zivver.com if you want to use Just-in-time provisioning. Include in your request which Identity Provider (Azure AD, Okta, ADFS) your organization uses. Zivver support can help you configure Just-in-time provisioning.
Limitations
Domain limitation
Just-in-time provisioning can only be used for one domain per Zivver tenant.
User account limitations
The following account management operations still need to be performed manually in the Webapp or by using the Zivver Synctool.
- Update the name or email address of a user account
- Suspend or delete a user account
- Add or remove delegate access to a user account
- Add or remove an email aliases
- Assign a user account to an Organizational Unit in Zivver
- Special functions such as updating the ZivverAccountKey
Functional account limitations
Just-in-time provisioning only supports user accounts. This means that for functional accounts, the following account management operations still need to be performed manually in the Webapp or by using the Zivver Synctool.
- Create a functional account
- Update the name or email address of a functional account
- Suspend or delete a functional account
- Add or remove delegate access to a functional account
- Add or remove an email aliases
- Assign a functional account to an Organizational Unit in Zivver