...
The setting can be activated on in the Identity Provider settings, under USER PROVISIONING > Authenticated Anonymous Browsing.
...
Configuring related settings in Kantega SSO Enterprise
Like shown in the yellow message box in the screenshot above, the settings under Just-in-time provisioning have an effect on Authenticated Anonymous Browsing since they both are mechanisms related to the presence of user accounts. This has further implications if you configure Group Memberships, where you can configure conditions for when the user shall be created. This can be configured fluently with Authenticated Anonymous Browsing. For example, you can configure a policy where all users belonging to the “Developers” group in your SSO Identity Provider get users and group memberships created automatically in Bitbucket, while all other users will fall back to browse Bitbucket “anonymously”, after logging in with SSO.