This may seem like a good idea at first, but is not a long-term solution for user management. We require that users are created dynamically, on the fly when they click the link button to access/Institute from your site for the first time. This provides an accurate management of access/Institute users and prevents stagnant Intranet users - possibly former or very part time associates - from appearing in the access/Institute social space if they've never visited.
Most importantly, we need to think of the life-cycle of the application. If a new agent completes orientation in the morning, has an Intranet account set up in the early afternoon, and then clicks to access/Institute later that day the SSO needs to dynamically push this user's information in realtime. A single sync won't succeed in loading future users' data to our system, and a nightly file sync wouldn't either. Additionally, file sync processes require maintenance and another standalone production server configuration on both sides.
Additionally,with Token SSO you are able to include the "Update User" call to automate this process every time a user logs in and may have updated their user information between logins. At this time the only field not able to be updated is the user's emails as that is a user identifier and must be manually updated by sending a list of users names and new emails to be updated. Please Submit a request to facilitate this change.