Syncing a User Source with an External Identity Provider

I’m using an external Identity Provider to manage user access and assign roles, then using Security Level rules to grant users access based on the role provided from the IdP. However, now that I’m implementing alarm notifications, I’m realizing that pretty much all of the alarm notication functionality relies on having users pre-defined in a user source. This means that we have to add them both to the user source (to recieve notifications) and to the external IdP (to secure Perspective access).

Is there some way to automate this process other than manually via a script that fires each time a user logs in? Ideally, I could maintain user information in one location.