Provision and sync users from an identity provider
Make changes in your identity provider to users and groups and sync them to your Atlassian organization.
Terms associated with identity providers
Identity provider and directories | Definitions |
|---|---|
Identity provider | Stores and manages digital user identities. |
Identity provider directory | A directory we create in your Atlassian organization to manage user identities and authentication services from an identity provider. |
Local directory | A directory with users who are manually invited, or who sign up for Atlassian products. |
Atlassian organization | Your Atlassian organization brings together your company’s users and products. You manage the Atlassian accounts of your employees and the products that belong to your organization. |
Provision user | Definitions |
|---|---|
User provisioning | User provisioning integrates an external user directory with your Atlassian organization. This integration allows you to automatically update the users and groups in your Atlassian organization when you make updates in your identity provider. |
System for Cross-Domain Identity Management (SCIM) | SCIM, or System for Cross-domain Identity Management, is an open standard that allows for the automation of user provisioning. |
Group sync | Group syncing allows you to sync user groups from your identity provider to Atlassian organization. |
User lifecycle management | Automatically provision, give users product access and deprovision them from Atlassian products. |
Managed accounts | All the Atlassian accounts with email addresses from your verified domain become managed accounts. Managed accounts give you security and access control over your company’s use of Atlassian products. |
Unmanaged accounts | Users whose email addresses are from an email domain that you have not verified and claimed as part of an Atlassian organization. |
Users | Includes managed and unmanaged accounts. |
Linked domain | A linked domain is a domain you associate with an identity provider directory. With a linked domain you specify which directory manages a user’s identity. |
Authenticate user, portal-only customer | Definitions |
|---|---|
Security assertion mark up language (SAML) | SAML is an acronym used to describe the Security Assertion Markup Language. The SAML protocol enables secure authentication between identity providers and service providers (Atlassian cloud). |
SAML single sign-on (SSO) | SAML single sign-on (SSO) allows your users to authenticate to Atlassian cloud products through your company's existing identity provider. This means they can access multiple tools with the same set of credentials. |
Just-in-time provisioning | With Just-In-Time user provisioning (JIT provisioning) we automatically create and update Atlassian accounts when they log in through SAML SSO. |
Default authentication policy | We create a default authentication policy for your Atlassian organization. The default policy contains login settings for its members. When we sync new accounts, we add them as members to the default authentication policy. |
Portal-only customer (Jira Service Management) | Customers with portal-only accounts access portals in your Jira Service Management help center. Portal-only customers can raise requests, view knowledge-base articles and send email requests. Portal-only customers don’t count towards your product license count because they have no access to your Atlassian cloud products. |
Authentication (Jira Service Management) | Authentication settings contain login options for your portal-only customers, and include single sign-on and password authentication methods. |
Was this helpful?