Connect to Azure Active Directory

You can connect your Azure Active Directory (Azure AD) identity provider when you want to provision users and groups to Atlassian products. You must be an admin with a Microsoft account to connect to your identity provider successfully.

When you complete the setup, you can sync your Azure AD domains and the users associated with these domains to your Atlassian organization.

Before you begin

Before you connect to Azure Active Directory, you must complete these tasks:

1. Subscribe to Atlassian Access from your organization. Learn about Atlassian Access security policies and features

2. Make sure you're an admin for an Atlassian organization. Learn about Organization administration  

Before you connect to Azure Active Directory, we recommend you learn about these tasks:

1. Verify one or more of your domains in your organization. Learn about Domain verification  

2. Review the Limitations of Azure AD for nested groups

Access the correct tenant in Azure AD

To avoid syncing the wrong tenant, link the correct tenant to a new account or set it as the home tenant. Before you start syncing, we show you a message with the domains you're about to sync so that you can verify them.

Connect to Azure Active Directory

To connect to Azure Active Directory:

1. Go to admin.atlassian.com. Select your organization if you have more than one.

2. Select Security > Identity providers.

3. Select Add identity provider > Microsoft Azure AD.

4. Name your identity provider directory.

5. Select Automatically set up user provisioning.

6. Select Sign in with Microsoft.

You can then log in with your Microsoft account to the Microsoft portal. Microsoft asks you to allow Atlassian to access your account. Then we connect to your Azure AD and view a list of users, groups, and domains through Microsoft Graph API.

After you connect, you can set up the sync settings. Learn how to set up sync settings