Auto Provisioning
Enable auto provisioning to automatically create user accounts for new users who access the solution from your SSO portal.
In very large organizations, creating Visier user accounts for new or returning employees can be time consuming. However, you can enable auto provisioning to easily rollout the solution to new users and reduce the amount of time that administrators spend creating new accounts.
How does auto provisioning work?
Before you enable auto provisioning, you must:
- Set up single sign-on. For more information, see Set Up Single Sign-On.
- Ensure the solution is configured to automatically fill in the Employee Ids for all users. For more information, see Set up Dynamic Look-Up.
After you turn on auto provisioning, Visier will automatically create a user account for first time users when they access the solution via your SSO portal. The solution searches through your organization's employee records to fill in the user's attributes: username, employee name, and employee ID. If the solution can't find any matching data records, the user's email address will be set as their username and employee name and the employee ID will be left blank. An administrator will need to fix the employee name and fill in the employee ID in the User room. After the account is created, the solution checks the User Groups that the user has been assigned to determine what data they can see. If the user is not assigned a User Group, then they will not have access to data.
Note: Auto provisioning may appear less restrictive as it allows for any employee in your organization who has been properly authenticated through your SSO identify provider to have a Visier user account. However, you have full control over the data access that auto provisioned users will have through User Groups. For more information, see User Groups.
Best Practices
Follow these best practices when enabling auto provisioning for the solution:
- In your SSO portal only provide access to Visier for authorized employees.
- Create User Groups before you enable auto provisioning to ensure that auto provisioned users have access to data when they first log on.
- If you delete a user from your organization's SSO, their Visier account will not be deleted. You'll have to manually remove it from the solution via the Users room. For more information, see Delete a User