ISMS.online’s Single Sign-On (SSO) integration includes a powerful feature: New User Templates. This allows administrators to automatically assign access and permissions to new users as they log in for the first time.

Please note:
New User Templates apply only to users created at the point of logging in via SSO. These templates cannot be used for users created manually in advance.


Reminder:
 Entra ID is the updated name for Microsoft Azure Active Directory (Azure AD).

What Are New User Templates?

New User Templates are designed to help platform administrators streamline onboarding by automatically assigning Work areas and permissions to new users based on their role or department.

There are two types of templates:

1. Templates for All New Users

This type applies universally. You can only have one active template of this kind, and it is applied to every new SSO-created user in addition to any group-specific templates.

Example:
 You might assign an “Employee Induction” Work area to all new users while also giving them access to department-specific content through a group-based template.

2. Templates for Specific Groups

These templates are linked to defined groups in Entra ID. When a user logs in for the first time, ISMS.online identifies the group they belong to and applies the appropriate template.

Setting Up New User Templates

Step 1: Create a Group Attribute Claim in Entra ID

This step allows ISMS.online to read group information from Entra ID when new users log in.

  1. Navigate to:
    Entra ID > Enterprise Applications > ISMS.online app > Single Sign-On > User Attributes & Claims
  2. Click Add a group claim.

  1. Define which groups the claim should include, then complete the configuration as follows:
    • Claim name:
       http://schemas.xmlsoap.org/claims/Group
    • Source attribute:
       user.groups

  1. Click Save, then refresh the page to confirm the configuration is in place.

A paste-able version of the URL is :

http://schemas.xmlsoap.org/claims/Group
user.groups


Step 2: Create or Identify Groups in Entra ID

If your organisation doesn’t already have relevant groups set up (e.g. based on department or team), you’ll need to create them.

To create a group:

  1. Go to Entra ID > Groups See here for the Microsoft guide on creating Groups.
  2. Click New Group and follow the prompts.
    (Refer to Microsoft’s guide on creating groups if needed.)
  3. Open the group for which you want to create a template and copy the Object ID.


Step 3: Create a New User Template in ISMS.online

  1. In ISMS.online, go to:
    Organisation Settings > New User Templates
  2. Click Create New Template

.



  1. Complete the template details (name, description, etc.)
  2. Choose the option:
    Only users who belong to a group in the identity provider
  3. Paste the Object ID from Entra ID into the SSO Attribute field


  1. Scroll down to assign:
    • Permissions
    • Work areas
    • Policy Packs

Once saved, this template will be applied automatically to any new user who belongs to the linked group and logs in via SSO.

Example:
 If you create a “Marketing” template and link it to your organisation’s Marketing group in Entra ID, any new SSO user in that group will be automatically assigned the relevant access, Work areas, and Policy Packs defined in your template.

If you need any support while setting up New User Templates or configuring SSO, our support team is happy to help. Contact us at support@isms.online.