Applies to

Smartsheet
  • Enterprise

Capabilities

Who can use this capability

  • System Admin

Automatically add users with User Auto-Provisioning (UAP)

User Auto-Provisioning (UAP) automates the process of adding users to an Enterprise plan in Smartsheet.

Who can use this?

Plans:

  • Smartsheet
  • Enterprise

Permissions:

  • System Admin

Find out if this capability is included in Smartsheet Regions or Smartsheet Gov.

Email-based TOTP doesn't support User Auto-Provisioning.

Rather than manually inviting users, you can enable User Auto-Provisioning (UAP). This automatically adds users with an email address with one of the domains associated with your plan.


Manage UAP

  1. Sign in to Admin Center and select Menu.
  2. Select Settings > User Auto-Provisioning
  3. You'll see the list of activated and validated domains. Use the drop-down menu to turn off UAP or add users as licensed users (Legacy Collaborator Model) / Members (User Subscription Model).

    If your plan uses the Legacy Collaborator Model, you can add users as free users. If you're unsure about your model type, learn how to determine the model your plan is on.

Keep the following in mind

  • Add, remove, validate, and activate your domains on the Domain Management page.
  • Manage users added via UAP the same way you manage users you added manually.
  • Users added to your organization through UAP won't receive an email invitation or notification. The same is true for users you add manually via the User Management page (Legacy Collaborator Model) / User roles and reports page (User Subscription Model).
  • Completing the UAP process will require adding records to your public Domain Name System (DNS). You may need to loop in an internal technical resource for assistance.

    To learn more about the records—Domain key (DKIM) record, CNAME record, and DMARC record—see Public DNS entries required for the setup.


Password prompts

In some cases, when UAP is enabled on a plan, new users may be prompted to create a Smartsheet password when they first sign in, even if the organization doesn't have the email+password-based login option enabled.

This can occur when a sheet share creates a user account, and the user still needs to follow the sheet share link to finalize the UAP process, or if the user is invited via User Management (Legacy Collaborator Model) / User roles and reports (User Subscription Model) instead of being provisioned via UAP.

Have the user set a password to complete the signup process for their account. This will complete the enrollment process, allowing them to sign in as usual.