Using Single Sign-On (SSO) with ISMS.online allows you to take advantage of a powerful provisioning tool for mass user creation — New User Templates (NUTs).
What Are New User Templates?
A New User Template acts as a blueprint, automatically assigning work areas to a user when they first log in via SSO.
Key points to note:
- New User Templates apply only to users created after the template is set up.
- Any changes you make to a template will apply to future users but will not affect existing users.
- There is no limit to how many templates you can create.
- If multiple templates apply to a user, ISMS.online will grant the highest level of access for each work area.
Applying Templates
You can apply templates in two ways:
- All Users
- A baseline template for everyone in your organisation.
- For example, you might grant all users access to a Day 1 induction Policy Pack.
- Users in a Specific Identity Provider Group
- Assign templates to match groups set up in Okta.
- Example: You might have separate templates for Development, Customer Success, and Sales, each granting access to their own Policy Packs, processes, projects, and communication groups.
Setting Up a New User Template in Okta
1. Create a Group in Okta
If your organisation already has groups (e.g. Development, Customer Success, Sales), you can skip this step. If not:
- Go to Okta Admin Panel > Directory > Groups.
- Click Add Group.
- Use Assign People to add users to the group.
2. Create a Group Attribute Statement
Using the group Test as an example:
- Go to Okta Admin Panel > Applications > ISMS.online > General.
- Click Edit beside SAML Settings.
- Click Next to go to Step 2 – Configure SAML.
- Under Group Attribute Statements (optional), enter:
- Name: http://schemas.xmlsoap.org/claims/Group
- Name format: Unspecified
- Filter: Select Equals, then enter the group name (e.g. Test).
- Click Next, then Finish.
Note: You’ll need a separate Group Attribute Statement for each group, updating only the Filter value to match the group name.
Creating a New User Template in ISMS.online
- Sign in to ISMS.online.
- Go to Organisation Settings > New User Templates.
- Click Create New Template.
- Enter a name for the template.
- Select Only users who belong to a group in the identity provider.
- For SSO Attribute, enter the group name from Okta (e.g. Test).
- Scroll down and set the access permissions for members of this group. (You can only set permissions for areas you administer.)
- Save your changes.
How It Works
When a user without an existing ISMS.online account signs in via SSO:
- If they have an Okta account with access to ISMS.online, a new user account is created automatically.
- Their Okta group memberships are checked against all New User Templates.
- Access is granted based on the highest permission level across all applicable templates.
Need Help?
If you have questions or run into any issues, contact our support team via:
- Live chat within the platform
- Email: support@isms.online