SAML authentication supports Just-in-Time User Provisioning. Enabling this option allows for on-the-fly creation of a team member the first time they try to log in. This eliminates the need to create team members in advance. For example, if you recently added an employee to your company, you don't need to manually create the team member in Lacework.
To use SAML JIT user provisioning, you must add and define additional attributes in your SAML identity provider. For detailed information about configuring JIT, see the steps for your SAML identity provider.
For accounts within an organization, authentication mechanisms at the account level do not apply. You must set authentication at the organization level.