Provision and sync users from an identity provider
Make changes in your identity provider to users and groups and sync them to your Atlassian organization.
You can now find Google Workspace in the same place you manage any identity provider. To find it, go to under Security > Identity providers. Learn more about identity providers
When you connect to Google Workspace, you sync your Google Workspace domains and the users under these domains to your Atlassian organization, giving you the power to manage all users from the Google Workspace admin console.
In addition, all users on your email domain will be able to log in to Atlassian products with their Google account.
When you connect to Google Workspace, you’re unable to provision users via SCIM or use SAML single sign-on because we provision users from Google Workspace and they’ll be able to authenticate through Google.
These are the steps you must do before you connect to Google Workspace:
1. Make sure you’re an organization admin for Atlassian
2. Make sure you’re an admin for your Google Workspace account with the following permissions:
Organization > Read
Users > Read
Groups
Domain Settings
3. Add a Google Workspace directory to your Atlassian organization. Learn how to add an identity provider
If your Google Workspace admin access is revoked, your Google Workspace sync will stop working.
You can find Google Workspace from your organization administration view after selecting Security> identity provider.
Go to admin.atlassian.com. Select your organization if you have more than one.
Choose Google Workspace as your identity provider.
Name and add your Google Workspace directory.
Select Connect Google Workspace.
Sign in to your Google Workspace account.
Select Allow to provide consent for Atlassian to view the information needed to connect Google Workspace. This information includes who you are on Google Workspace and your email address, domain, and users and groups under your domain.
Once you’re done connecting you’re ready to set up new settings for Google Workspace.
Learn more about setting up Google Workspace
We’ll sync your users. When the sync happens you need to give product access to new users.
To grant new users product access:
Go to your organization at admin.atlassian.com
Select Sites and Products.
Select Product Access in the left nav.
Add the group and its new users to products.
If you connect to Google Workspace product access is turned off for new users. After the first sync is completed, you can turn it on.
If you disconnect your organization, we maintain product access for your previously synced users. When you reconnect the organization, we remove product access from any previously synced users that are not part of the new sync.
Linking Google Workspace and Atlassian accounts
If a user you’re syncing from Google Workspace already exists, we’ll link the Google Workspace and Atlassian accounts based on their primary email address and Google Workspace identification.
Automatically sync product details
If a user already exists in an organization but isn’t in the Google Workspace group you’re syncing, the user keeps their product access in Atlassian after you sync.
However, we won’t sync your updates to product details of unsynced users in Google Workspace. Add the user to a synced group or sync all users to automatically keep their details up to date in your organization.
We sync all Google Workspace users to a single group called All users from Google Workspace. To find this group, go to Groups in your Google Workspace directory.
If you connect to Google Workspace and subscribe to Atlassian Guard Standard, you can sync specific Google Workspace users to specific groups.
All domains and sub-domains associated with your Google Workspace account become verified for your organization. Go to Settings > Domains and select the Google Workspace tab to see a list of those domains.
Updates you make to a synced Google Workspace account will get updated in your organization when Google Workspace syncs (every 4 hours). You see all synced users from the Directory > Managed accounts in the organization.
When you disconnect from Google Workspace, users permanently stop syncing. Your users can still log in to your products with their Google credentials or log in with Atlassian credentials after they reset their password. However, their details won't sync when you make changes to their Google accounts.
Unless you verify your domain at admin.atlassian.com, you won’t be able to manage or edit account details for users with accounts from that domain.
To disconnect your organization’s site(s) from Google Workspace:
Go to admin.atlassian.com. Select your organization if you have more than one.
Navigate to Security > Identity providers and select your Google Workspace directory.
Select Disconnect account and follow the prompts.
After you disconnect, we don't save any of your Google Workspace settings. You can start syncing your users again by setting up another connection to Google Workspace.
Users will not lose product access when you disconnect Google Workspace. If you require users to log in with Google, they will need to reset their password to log in.
Was this helpful?