Use Just-in-Time (JIT) provisioning to automatically create a user account in your Fullcast instance the first time a user logs in with a SAML Identity Provider (IdP).
Before you begin
You must have SSO configured with your IdP.
The user must already be created and authenticated in your IdP.
Configure JIT in your IdP
Attribute name value configuration
When you set up SAML SSO with JIT in Fullcast, use the following attribute name values in the SAML response in your IdP:
Attribute | Name value |
|---|---|
First name | FirstName |
Last name | LastName |
Email address |
SAML response configuration
For the SAML response, use the following NameID format and value to ensure that the user's email address is correctly identified and used for authentication within Fullcast.
Note
Make sure your IdP is configured to send the NameID in this format with the appropriate email address value.
NameID format—use one of the following:
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecifiedurn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
NameID value: The user's email address.