When Just-in-Time (JIT) provisioning is activated in an OpenID Connect single sign-on configuration, a new person record is automatically generated when someone who is not yet registered in 4me is trying to access 4me Self Service. In such cases, 4me’s JIT functionality asks the identity provider to return several claims so that it can add the following information to the new person record:
- Name — uses the
nameclaim, or if not provided, the
- Email address — uses the
- Picture — uses the
- Language preference — uses the
- Time zone — uses the
This last piece of information is new. It ensures that people see date and time information (such as the resolution target of requests) in their time zone, rather than the default time zone of the account in which their person record is registered.
Unfortunately, the most commonly used identity providers (like Microsoft, Google and Apple) do not yet support the
zoneinfo claim by default. Once they start to do this, though, 4me will automatically pick it up and use it to set the time zone preference in the new person records that the JIT provisioning functionality generates.