Auto-provisioning is the process by which a user is automatically granted access to an application based on the permissions associated with their user role in the SIS. This is especially helpful for products like Degree Map or Inspire for Faculty where the number of users is typically higher, but it can be utilized for any product. Configuration for auto-provisioning is often completed during deployment and requires some coordination by Civitas and your institution’s SSO engineers.
There are three major steps involved in setting up auto-provisioning.
Determine the application and feature permissions that will be granted to groups of users.
Use the Access Permissions table to review roles/permissions in Civitas products.
Work with Civitas to determine role attribute/data fields in your SIS that can be mapped to a user's SSO requests. This information is necessary for creating a Permission Set in the User Management console.
The internal role identifier is the flag Civitas will recognize when a request comes through. There is no custom logic for role identifiers. You must be able to identify/provide a flag for the group you would like to map in your SIS.
Create corresponding permission sets to send as part of your SSO requests.
Every time a user logs in via SSO, we determine which permissions they should have based on this mapping and update their Civitas user account.
Note: Once auto-provisioning is configured, coordinate internally with your SSO team to create new role identifiers and add associated permissions sets in the Permission Sets tab.