JIT Provisioning
Just-in-Time (JIT) provisioning creates a user account in Files.com the first time a user logs in through a configured identity provider. You onboard users without setting up accounts in advance or running a synchronization process.
Files.com supports JIT provisioning with identity providers including Microsoft Entra ID, OneLogin, JumpCloud, and Auth0.
JIT is one of two automated provisioning approaches Files.com supports. If you're not sure JIT is the right fit, see JIT vs. SCIM below.
Setting Up JIT Provisioning
To enable JIT provisioning, add a new identity provider in Files.com and choose Use JIT Provisioning under Provisioning Method. Files.com then creates user accounts automatically when users log in for the first time. The configuration options below control how new accounts are provisioned.
Configuration Options
| Configuration Option | Details |
|---|---|
| Provision users to this company name | Automatically sets the company name in the user profile for newly created users. |
| Add users to these default groups on first login | Automatically adds each newly created user to one or more predefined groups. |
| Two-Factor Authentication settings | Controls the 2FA requirement for provisioned users. You can inherit the site-wide policy, always require 2FA, or never require it. For example, if your site-wide 2FA policy mandates Always required for all users, but you need to exempt JIT provisioned users from this requirement, select Never require 2FA. |
| Protocol permissions | Specifies which protocols (FTP, SFTP, WebDAV) users are allowed to use. These can be toggled individually. |
| Default time zone for auto-provisioned users | Sets the default time zone for new users. If left blank, the site-level time zone is applied. |
JIT vs. SCIM
Use JIT provisioning when you want to create users automatically at login without managing them in advance. It works well for environments that do not need group synchronization, user updates, or automated deactivation.
Use SCIM when you need to manage users over time. SCIM supports automatic user updates, group membership synchronization, and user deactivation. SCIM matters most with Microsoft Entra ID, which sends group identifiers as unreadable UUIDs during JIT provisioning. SCIM manages groups directly and avoids that limitation.
Choose JIT if you only need to create users once and do not rely on groups or lifecycle changes. Choose SCIM if you need to manage access, roles, and user status automatically.
Get The File Orchestration Platform Today
4,000+ organizations trust Files.com for mission-critical file operations. Start your free trial now and build your first flow in 60 seconds.
No credit card required • 7-day free trial • Setup in minutes