• Documentation
Products
Documentation
Resources
Atlassian Support
/
Provisioning users Resources
/
Provision and sync users from Microsoft Azure AD
/
Connect and sync Azure AD for nested groups

Disconnect Azure Active Directory

When you want to disconnect Microsoft Azure AD from your Atlassian organization, you need to complete two steps:

  1. Disconnect your Microsoft Account

  2. Disconnect your identity provider

When you disconnect your Microsoft account from your Atlassian organization, users can log in with a third-party account or log in with Atlassian credentials after they reset their password. However, their details won't sync when you change their Microsoft accounts.

Disconnect your Microsoft account

Before you can disconnect your Microsoft account, you need to stop enforcing users from logging in with single sign-on.

To stop enforcing single sign-on:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Navigate to Security > Identity provider > View policies.

  3. Select Edit for the authentication policy you’d like to update.

  4. Deselect enforce single sign-on.

Learn more about editing authentication policies

To disconnect your Microsoft account:

  1. Navigate to Security > Identity providers and select your Identity provider directory.  

  2. Select View SAML configuration

  3. Select Delete configuration.

  4. Navigate to User provisioning, and select Edit.

  5. Navigate to Disconnect Microsoft account, and select Disconnect account.

After you disconnect, we don't save any of your sync settings. You can start syncing your users again by setting up another connection to the same or a different Microsoft account.

Product access for users

After you disconnect, your previously synced users and groups maintain product access but lose the sync settings you applied.

Disconnect your identity provider

When you delete an identity provider: we:

  • Delete its directory

  • Move the users from the directory to the default authentication policy in the local directory

  • Move any linked domains to the local directory

Before you can delete your identity provider, you need to:


  • Delete SAML configuration

  • Delete user provisioning configuration

Learn how to disconnect an identity provider

 

Still need help?

The Atlassian Community is here for you.
Ask the Community
On this pageDisconnect your Microsoft accountProduct access for usersDisconnect your identity provider
CommunityQuestions, discussions, and articles