Administer platform experiences in Atlassian Home
Find compliance, admin, and other information related to Atlassian Home
This page assumes you have read this guide on syncing the manager attribute with Atlassian Home. This step is a prerequisite for syncing the manager attribute with Okta.
Atlassian determines the manager of a user by taking the value received for the manager field (manager) and looking up a match by either email (if the value was an email) or user id (if the value was an id). Think about the manager as a reference to another person.
If you have stored the manager information in Azure AD using its native manager field, Azure AD will send us the value as the manager ID, so you don’t need to worry about this. If you’re storing the manager value in a custom field, you need to ensure that the value is either the email or the ID of the manager.
For example, here is the simple reporting line consisting of three people, where the top manager (the right-most person) doesn't have the manager set. This is usually the case with the company's Founders, CEOs, etc.
In this case, the reference is made via the email value (notice the values for the manager field in the blue boxes and how they refer to the person's manager).
And here is the same example but with the references made via the user IDs (notice the values for the manager filed in the blue boxes and how they refer to the person's manager).
In Okta, create a new field for the Atlassian application.
This step will define the structure of the field we receive at Atlassian when a new user is created/updated, so it’s important to ensure that you follow the correct schema definition:
Namespace | urn:ietf:params:scim:schemas:extension:enterprise:2.0:User |
External name | manager.value |
IT IS IMPORTANT to ensure that the external name and namespace are defined exactly as described above (as specified by the SCIM specification in RFC 7643 section 4.3). Everything else won't be recognized by Atlassian’s Cloud API and will be discarded.
To start, go to the Atlassian application and select “Go to profile Editor” under the “Provisioning” tab:
In the profile editor, select “add attribute” and configure as defined in the below:
Add Attribute modal inputs from image above:
Data type: string
Display name: Manager
Variable name: managerValue
External name: manager.value
External namespace: urn:ietf:params:scim:schemas:extension:enterprise:2.0:User
Description: Manager ID or Email
Enum: unchecked
Attribute length: Between min and max
Attribute required: unchecked
Scope: unchecked
Map the newly created field to the internal Okta field that contains the manager value. The value we expect to receive is a string containing either the email or the internal user-id of the user’s manager.
Go back to the “Provisioning” tab of the Atlassian Cloud application
Scroll to the bottom of the page and select “Show Unmapped Attributes”
Find the new “Manager” attribute created in the previous step and select the edit button.
Under “Attribute value”, select “Map From Okta Profile” and then select the correct field in Okta that has the manager’s email or ID.
To keep it in sync, make sure “Create and update” is checked to send updates to Atlassian when the user is created or updated
Re-sync your user base once the mapping is complete and you’re ready to send the new information to Atlassian.
You can check the progress of the sync by visiting admin.atlassian.com and navigating to “Security → Identity Providers → Your Okta Directory”, and checking the “User provisioning” info.
Once the sync is complete, visit a user profile in Atlas, Jira, or Confluence to see the new section for “Reporting lines“, which shows the user’s manager and direct reports or peers.
We are currently investigating a behavior that requires emails to be case sensitive before they can be added. If you are experiencing trouble with the manager attribute, you may be able to resolve it by changing emails to all lowercase text. We apologize for the inconvenience this may cause.
Ensure that there are no typos in the manager field created in Step 1. The namespace should be urn:ietf:params:scim:schemas:extension:enterprise:2.0:User and the external name manager.value.
Also, confirm that your Okta users have a manager attribute that it’s either the email or the user id of their manager and that you have mapped this attribute to the newly created field as described in Step 2.
You might also have to re-sync all users and ensure that the users were indeed resynced to Atlassian by looking at Okta’s logs.
Typically, one person in the organization has no manager (e.g., the CEO). It is important to ensure that this person's manager field is empty and has no value set to it on Okta to prevent the missing profile error (shown below)
Contact us through the “give feedback” button in the navigation bar of Atlassian Home, and we’ll assist you.
Was this helpful?