• /
  • Log in
  • Free account

Introduction to automated user management and single-sign on (SSO)

New Relic lets you set up automated user management (AUM), which allows you to import, update, and deactivate your New Relic users from an identity provider, like Azure AD, Okta, or OneLogin.


Before reading the benefits of automated user management, we recommend reading Get started with SAML SSO and SCIM.

Benefits of enabling automated user management include:

  • Time and cost efficiency: When you make changes in your identity provider, such as creating, updating, and removing users, these changes are automatically reflected in New Relic. By being able to manage a large set of users from your identity provider, it reduces the workload of your admins who'd otherwise need to do a significant amount of work in New Relic to accomplish the same thing.
  • Increased productivity: By having a more automatic way to set up users and groups, they're enabled and ready to use New Relic more quickly.
  • Enhanced security: SCIM is an industry standard protocol for maintaining groups of users.
  • Use of this feature requires SAML SSO, so once your users are added to New Relic, they can log in using your identity provider.
  • Popular identity providers Azure AD, Okta, and OneLogin have dedicated New Relic apps, improving ease of enablement.

Requirements and recommendations

Requirements and recommendations:

Set up automated user management

For an explanation of how your identity provider groups map over to New Relic groups, see Group and role mapping.

To use automated user management to import users from your identity provider:

  1. It's important to first review the requirements.
  2. In the authentication domain UI, create a new authentication domain.
  3. If you use Azure AD, Okta, or OneLogin, use the applicable guide: Azure AD | Okta | OneLogin.
  4. If you don't use one of the above services, you'll need to:
  1. Highly recommended: Set a time zone for your users in your identity provider. How you do this will vary by identity provider. If not set in your identity provider, our UI shows UTC time zone dates/times. Time zone is specified in IANA Time Zone database format, also known as the "Olson" time zone database format (for example, "America/Los_Angeles").

If you have issues, contact your account representative.

After being provisioned, your users can click on the New Relic SCIM/SSO application tile in their identity provider to be logged into New Relic.

To learn more about New Relic's roles and capabilities, see Standard roles.

Create issueEdit page
Copyright © 2022 New Relic Inc.