Provision and sync users from an identity provider
Make changes in your identity provider to users and groups and sync them to your Atlassian organization.
The ability to connect Microsoft Azure AD to Atlassian and begin syncing your nested group structure is available to participants in an early access program. Azure AD for nested groups will be generally available soon. Check updates on progress for release date
You can connect your Azure Active Directory (Azure AD) identity provider when you want to provision users and groups to Atlassian products. You must be an admin with a Microsoft account to connect to your identity provider successfully.
When you complete the setup, you can sync your Azure AD domains and the users associated with these domains to your Atlassian organization.
Subscribe to Atlassian Access from your organization. Learn about Atlassian Access security policies and features
Make sure you're an admin for an Atlassian organization. Learn about Organization administration
Verify one or more of your domains in your organization. Learn about Domain verification
Review the Limitations of Azure AD for nested groups
To avoid syncing the wrong tenant, link the correct tenant to a new account or set it as the home tenant. Before you start syncing, we show you a message with the domains you're about to sync so that you can verify them.
To connect to Azure Active Directory:
Go to admin.atlassian.com. Select your organization if you have more than one.
Select Security > Identity providers.
Select Add identity provider > Microsoft Azure AD.
Name your identity provider directory.
Select Automatically set up user provisioning.
Select Sign in with Microsoft.
You can then log in with your Microsoft account to the Microsoft portal. Microsoft asks you to allow Atlassian to access your account. Then we connect to your Azure AD and view a list of users, groups, and domains through Microsoft Graph API.
After you connect, you can set up the sync settings. Learn how to set up sync settings
Was this helpful?