We are testing out creating additional org roles and want the users to automatically get assigned when they SSO in. One user can have multiple org roles.
We saw there’s some SSO fields already mapped to Contact like branch -> Branch, displayname -> Name...MoreLess
When a new user is provisioned through SSO, we want restrict the user creation or restrict the user from 1st time login, so that we can implement an addition approval layer.