Choose the right Microsoft Azure AD option for you

We offer two options for provisioning users from Microsoft Azure AD to your Atlassian organization, depending on your company's structure and setup requirements.

How do you connect Microsoft Azure AD to your organization?

When you connect your identity provider to an Atlassian organization, we present you with two Microsoft Azure AD options.

Option 1: Manually set up user provisioning
Set up SCIM (System for Cross-Identity Management) manually to sync users and SAML (Security Assertion Markup Language) to require users to log in with single sign-on.

Recommended when you need:

• Flexibility in setting up your Microsoft Azure Active Directory identity provider

• To sync groups and users with no flattening of nested group structure

• To sync when you add users to your identity provider

Learn how to add an identity provider for this option

Option 2. Automatically set up user provisioning
Allow access to Azure AD to automatically set up sync. After you sync, you can set up SAML single sign-on. When you sync groups and users, we flatten the nested group structure and keep the group memberships.

Recommended when you need:

• Easy set up by allowing access to groups and users in your Microsoft Azure Active Directory

• To flatten your nested group structure and keep group memberships

• To sync automatically (every 4 hours)

Learn more about Azure AD for nested groups