chore: update changeset (#6077)

logto-io · Jun 21, 2024 · 9f72a45 · 9f72a45
1 parent 5065eea
commit 9f72a45
Showing 1 changed file with 20 additions and 2 deletions.
diff --git a/.changeset/smart-laws-compare.md b/.changeset/smart-laws-compare.md
@@ -8,11 +8,16 @@
 
 feature: just-in-time user provisioning for organizations
 
-This feature allows organizations to provision users when signing up with their email address or being added by Management API.
+This feature allows users to automatically join the organization and be assigned roles upon their first sign-in through some authentication methods. You can set requirements to meet for just-in-time provisioning.
 
 ### Email domains
 
-If the user's verified email domain matches one of the organization's configured domains, the user will be automatically provisioned to the organization.
+New users will automatically join organizations with just-in-time provisioning if they:
+
+- Sign up with verified email addresses, or;
+- Use social sign-in with verified email addresses.
+
+This applies to organizations that have the same email domain configured.
 
 To enable this feature, you can add email domain via the Management API or the Logto Console:
 
@@ -23,6 +28,19 @@ To enable this feature, you can add email domain via the Management API or the L
   - `DELETE /organizations/{organizationId}/jit/email-domains/{emailDomain}`
 - In the Logto Console, you can manage email domains in the organization details page -> "Just-in-time provisioning" section.
 
+### SSO connectors
+
+New or existing users signing in through enterprise SSO for the first time will automatically join organizations that have just-in-time provisioning configured for the SSO connector.
+
+To enable this feature, you can add SSO connectors via the Management API or the Logto Console:
+
+- We added the following new endpoints to the Management API:
+  - `GET /organizations/{organizationId}/jit/sso-connectors`
+  - `POST /organizations/{organizationId}/jit/sso-connectors`
+  - `PUT /organizations/{organizationId}/jit/sso-connectors`
+  - `DELETE /organizations/{organizationId}/jit/sso-connectors/{ssoConnectorId}`
+- In the Logto Console, you can manage SSO connectors in the organization details page -> "Just-in-time provisioning" section.
+
 ### Default organization roles
 
 You can also configure the default roles for users provisioned via this feature. The default roles will be assigned to the user when they are provisioned.