JIT provisioning - How to test your attribute mappings

Now that user provisioning is active and configured, it’s ready to be tested.

Before you begin

• Open 2 browser sessions:

  • 🛠 1 admin session for configuring the plugin (signed-in as admin).

  • 🚼 1 anonymous session for testing the configuration (e.g. incognito mode, not signed-in).

• Sign into a non-existent account on the anonymous session.

  • This account must already exist on the identity provider's side.

  • This account mustn't yet exist within the product.

  • Expected outcome: The user will be automatically provisioned after the user is authenticated.

• Checks the list of users in your admin session.

• Verify that the user’s details are correct.

Testing

1. 🛠 Go to the authentication plugin settings page.

2. 🛠 Obtain a login URL:

   1. Go to Login mode > Use <protocol> as secondary authentication.

      You should see a link that can be used to test logins. This is the login URL.

3. 🚼 Open the login URL in incognito mode.

   • You should be presented with your identity provider’s login screen.

   • Incognito mode ensures that the login is done through a separate browser session.

4. 🚼 Log in with an account that you’ve configured on the IDP.

   • We recommend logging in with a special “testing” account that you maintain on the IDP.

   • This account must not already exist within the product because we can’t provision an already existing user.

5. 🛠 Go to the Users screen for your current product.

   • Check to see if a new account was created.

   • Check that the account has the expected details.
     
     

Done! We have now confirmed that user provisioning is enabled and is working as expected.