User Auto Provisioning

APPLIES TO

  • Smartsheet
  • Enterprise

For more information about plan types and included capabilities, see the Smartsheet Plans page.

RELATED CAPABILITIES

Who can use this capability?

  • System Admin

Find out if this capability is included in Smartsheet Regions or Smartsheet Gov.

User Auto Provisioning (UAP) automatically adds users who match the configured domain to your plan.

With UAP enabled, when a user with a validated domain logs in, they are automatically added to the account user list. It may be helpful to think of this as “Just In Time” provisioning by domain.

Enabling UAP will ensure that users with company domains adhere to the same security and account settings. You can set up multiple domains if needed.

Automatically add users with User Auto-Provisioning (UAP)

APPLIES TO

  • Smartsheet
  • Enterprise

For more information about plan types and included capabilities, see the Smartsheet Plans page.

RELATED CAPABILITIES

Who can use this capability?

  • System Admin

Find out if this capability is included in Smartsheet Regions or Smartsheet Gov.

Email-based TOTP doesn't support User Auto-Provisioning.

Rather than manually inviting users through the User Management screen, you can enable user auto-provisioning (UAP). This automatically adds users with an email address your organization owns to your plan.

Manage UAP

  1. Log in to Admin Center.
  2. On the right sidebar, select Settings > User Auto-Provisioning.
  3. You'll see the list of activated and validated domains. You can use the drop-down menu to turn off UAP or add users as licensed users (Legacy Collaborator Model) / Members (User Subscription Model).

If your plan uses the Legacy Collaborator Model, you can add users as free users.

Not sure which model your plan uses? Check if there’s a Manage true-up page in Admin Center. If there is, your plan uses the User Subscription Model. See the User Subscription Model overview article for more information.

The domain management page is where you will add, remove, validate, and activate your domains.

You can still manage users automatically added to the plan via User Auto-Provisioning from the User Management screen. 

Completing the UAP process will require you to add records to your public Domain Name System (DNS), so you may need to loop in an internal technical resource for assistance. To learn more about the records—Domain key (DKIM) record, CNAME record, and DMARC record—see Public DNS entries required for the setup.

Password prompts

In some cases, when User Auto-Provisioning (UAP) is enabled on a plan, new users may be prompted to create a Smartsheet password when they first log in, even if the organization doesn't have the Email & Password login option enabled.

This can occur when a sheet share creates a user account, and the user still needs to follow the sheet share link to finalize the UAP process, or if the user is invited via User Management instead of provisioned via UAP.

Have the user set a password to complete the signup process for their account. This will complete the enrollment process, and they can log in as usual.