In this article:
Problem
Assuming customer.com is a SAML enabled customer, the user with email user1@customer.com does not exist yet on the platform. If user1@customer.com is entered in the login page, the user is not prompted to login via SSO, but to enter a password. The platform does not automatically considers that since it’s a @customer.com email, therefore it should be assigned to customer.com tenant and have the SAML login. This behaviour prevents the JIT provisioning feature via the platform login page.
Answer
Our Engineering and Product are aware of this limitation and are working on improving the login experience.
Workaround
It is possible to leverage SCIM to synchronise the users or to use IdP initiated SAML to benefit from the JIT provisioning.
See also
SCIM
JIT