Configuring Just-in-Time (JIT) provisioning for ScreenSteps
This guide details the steps to configure JIT provisioning between ManageEngine ADSelfService Plus and ScreenSteps.
Prerequisite
SAML-based SSO must be configured to enable JIT provisioning. To learn how to configure SSO for ScreenSteps, click here.
ScreenSteps (Service Provider) configuration steps
- Log in to ScreenSteps as an admin.
- Navigate to Account Settings → API Tokens.
- Click Create API Token.
- Copy the token.
ADSelfService Plus (Identity Provider) configuration steps
- Login to ADSelfService Plus with administrator credentials.
- Navigate to Configuration > Self-Service > Password Sync/Single Sign On > Add Application, and select ScreenSteps from the applications displayed.
Note: You can also find ScreenSteps from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
- Enter the Application Name and a Description.
- Enter the Domain Name of your ScreenSteps account. For example, if you use johndoe@thinktodaytech.com to log in to ScreenSteps, then thinktodaytech.com is the domain name.
- In the Assign Policies field, choose the policies for which you want the application to be assigned.
Note: ADSelfService Plus enables you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration > Self-Service > Policy Configuration > Add New Policy.
- Click SCIM and select Enable Just-in-Time Provisioning.
- In the API Token field, paste the value you copied in Step 4.
- In the License Consumption Limit field, enter the maximum number of licenses you want to be consumed in this application. This will ensure that only the specified license count is used when creating user accounts in the application. The number of licenses consumed will be displayed next to this field. If license consumption exceeds the specified limit, then the user account creation process is stopped.
Note:
- The license usage details will be visible when editing the application configuration.
- If a user already has an account in the application, their access attempt through ADSelfService Plus will also be counted towards the license count.
- Click Add Application.
You have now successfully configured JIT provisioning for ScreenSteps. User accounts that do not exist in ScreenSteps will be created automatically during SSO login.
Don't see what you're looking for?
-
Visit our community
Post your questions in the forum.
-
Request additional resources
Send us your requirements.
-
Need implementation assistance?
Try onboarding