Question
Is it necessary for the tenant administrator to manually add users and assign roles after configuring the Single Sign-On (SSO) per tenant in Vantage?
Answer
When logging in using an e-mail address from the specified domain, users will be proposed to authenticate for that tenant even if the account with the specified e-mail does not yet exist in the tenant. If the account does not yet exist in the tenant, it will be created automatically with the Skill User role granted upon the first login and will appear in the list of Users available in Vantage. After the user becomes available in the list, the tenant administrator can adjust the assigned roles if necessary.
Note: Despite the automatic assignment of the Skill User role no skills are selected by default:
Please note, associated e-mail domains are used if the user does not have an account in Vantage, but has an account in the External Identity Provider with which they can log in to Vantage. This domain should be a part of your users' e-mail addresses, e.g. "abbyy.com".