Confluence: Too many users per group affecting syncing from an identity provider

This insight checks whether any of your groups exceed the limit of users, including users from nested groups.

How does the user count affect syncing?

Atlassian Cloud limits the number of users you can sync from an identity provider to a single group. Having more users in a group affects performance, user actions around Confluence, and might cause issues when applying permissions. If you have groups with users above the limit, you can still migrate them (with the risk of the same performance issues), but users above the limit won’t be synced and updated on the cloud side.

Learn more about limits in cloud user provisioning

Why are users from nested groups included?

Atlassian Cloud doesn’t support nested groups. You can keep a nested structure in your external directory, but it must be flattened before it lands in cloud. In cloud, all groups live on the same level.

Flattening happens on two occasions:

• Migration: When you migrate, the migration assistant flattens all nested groups.

• Syncing from IdP: Most IdPs support flattening natively, in which case you sync an already flattened structure. For those who don’t, like Microsoft Azure AD, we have our custom integrations that flatten your nested groups when syncing.

After flattening, all users from nested groups become direct members of the parent group, which increases its size. This is why we’re counting users from nested groups in your results vs. the limit.

Here’s an example of how it works when syncing from an IdP (migration works in the same way):

Learn more about nested groups and flattening

What’s the recommendation?

You should reduce the number of users in the affected groups below the limit to make sure syncing works correctly and that you don't experience any performance issues in the future.

We recommend that you try splitting your large groups into smaller ones, but can't give you an exact recommendation, because it will depend on your user management. If you need some ideas for reducing the total number of users, check our recommendation for the Users guardrail.

If you’re unable to optimize these groups, you can request to increase the limit for your organization.

Review affected groups

Using the SQL query

When viewing this recommendation from the dashboard, copy the SQL query and run it on your database.

The query returns:

• Names of groups with too many users

• User count for each group

Split the groups into smaller ones

We can't give you an exact recommendations on how to optimize these groups, because this will depend on your user management and requirements of your organization. The general rule is to try to spit the groups into smaller ones or reduce the number of users in each affected group.

For reducing the number of users, check our recommendations for the Users guardrail.

If you’re unable to do optimize these groups, you can request to increase the limit for your organization.

Request to increase the limit

If you’re unable to bring the number below the limit, we can manually increase the limit for your organization. You should treat this option as the last resort, because it can affect performance.

Make sure that you accept the following risks before you request the increase:

• Performance issues

• User interface issues

• User experience issues

• Issues with applying permissions to large groups

To increase the limit, raise a Support ticket for cloud Support by choosing Technical issues and bugs in the contact form with the following data: