Configuring Just-in-Time (JIT) provisioning for Peakon
This guide details the steps to configure JIT provisioning between ManageEngine ADSelfService Plus and Peakon.
Prerequisite
SAML-based SSO must be configured to enable JIT provisioning. To learn how to configure SSO for Peakon, click here.
Peakon (Service Provider) configuration steps
- Log in to Peakon as an admin.
- In the left pane, click Administration.
- Navigate to Company → Integrations → Employee Provisioning.
- Navigate to the Settings tab under the Employee Provisioning section, and copy the OAuth Bearer Token value.
ADSelfService Plus (Identity Provider) configuration steps
- Login to ADSelfService Plus with administrator credentials.
- Navigate to Configuration > Self-Service > Password Sync/Single Sign On > Add Application, and select Peakon from the applications displayed.
Note: You can also find Peakon from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
- Enter the Application Name and Description.
- Enter the Domain Name of your Peakon account. For example, if you use johndoe@thinktodaytech.com to log in to Peakon, then thinktodaytech.com is the domain name.
- In the Assign Policies field, choose the policies for which you want the application to be assigned.
Note: ADSelfService Plus enables you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration > Self-Service > Policy Configuration > Add New Policy.
- Click SCIM and select Enable Just-in-Time Provisioning.
- In the OAuth Bearer Token field, paste the token value copied in Step 4.
- In the License Consumption Limit field, enter the maximum number of licenses you want to be consumed in this application. This will ensure that only the specified license count is used when creating user accounts in the application. The number of licenses consumed will be displayed next to this field. If license consumption exceeds the specified limit, then the user account creation process is stopped.
Note:
- The license usage details will be visible when editing the application configuration.
- If a user already has an account in the application, their access attempt through ADSelfService Plus will also be counted towards the license count.
- Click Add Application.
You have now successfully configured JIT provisioning for Peakon and user accounts that do not exist in Peakon will be created automatically during SSO login.
Don't see what you're looking for?
-
Visit our community
Post your questions in the forum.
-
Request additional resources
Send us your requirements.
-
Need implementation assistance?
Try onboarding