After 2.0.0 version
After version 2.0.0 when there are changes in group membership, LO now add the user to the access group for every processed request before authorization checks are performed.
This means, that you can also configure your SSO (and sometimes it is recommended) to add users to the groups providing application access during authentication with SSO.
You can configure your SSO to
add the users to the Login Group (only for new users that did not have this group memebership)
add the users to the Access Group, providing access to them by the SSO.
If the user is added to the Access Group by SSO, but it is not member of the Login Group. LO will remove the user from the access group and its access to the application.
Before 2.0.0 version (< 1.6.5)
While License Optimizer supports integration with Single Sign-On (SSO) solutions, it's important to note that certain restrictions apply to ensure optimal functionality.
...