Do you support Just In time user creation with Heroku SSO?


If someone is added to my Identity Provider (IdP), will they have access to my Heroku Team without me adding them explicitly?


Yes, we do. A user that is not a Heroku user yet (as denoted by the email the IdP sends us) will be created. The user will still need to verify the email address with us. The user will have the default role in the Team, as selected by the Team admins. You can update the default role from the Settings tab for your Heroku Enterprise Team in Dashboard. The default role is member if it has not been set by an admin.

Ask on Stack Overflow

Engage with a community of passionate experts to get the answers you need

Ask on Stack Overflow

Heroku Support

Create a support ticket and our support experts will get back to you

Contact Heroku Support