• Evaluate the groups created in the Identity Domain as a result of sync with external Identity Provider and determine whether to use them for Just In Time provisioning purpose.

• Login to the OUAF-based application and set up Template Users that represent authorization levels corresponding to the IAM groups synchronized from the external provider.

• Configure the Group - Template User mapping in the Identity Management Integration Master Configuration.