You must be an organization admin to complete the tasks on this page.

When you set up user provisioning, you may run into the situation where your groups in your Atlassian sites have the same names as groups in your identity provider (IDP).

When you sync, we’ll warn you about duplicate group names between your IDP and your Atlassian sites. You’ll then be able to accept or reject changes to group members before you sync those groups.

Do I have group conflicts?

Group conflicts appear as a list on the User Provisioning page. If you don’t see a warning message with a list of groups, then you have no group conflicts.

Group conflicts occur when groups have the same name in your IDP as groups that already exist in your organization.

Review groups before you sync

Before you sync and replace your groups, we’ll share a list with you of group names and a breakdown of the membership changes that will happen. Here’s a screenshot with a sample breakdown.

  1. Name of the group

  2. Product access for the group

  3. Name of each site for the group

  4. Number of users added or removed if you decide to overwrite the group

Can I sync default access groups?

We can’t sync groups from your identity provider when the group is a default access group on your Atlassian product site. If you want to sync the group, you can change its default access status and then sync it.

To change the default access status of the group:

  1. Go to your organization at

  2. Navigate to Sites and Products > Product access.

  3. Under the Options column, select Don’t make this group default.

  4. If you can’t select it, assign default access to another group, and then try again.

Learn more about default access groups.

Update groups before you sync

To update groups before you sync, you compare user membership between the groups in a table, review each potential user change, and then make one of the following updates to your IDP. 

  • Remove users from your IDP group if you don’t want them to gain access to your Atlassian products.

  • Add users to your IDP group if you don't want them to lose access to your Atlassian products.

  • Rename your IDP group if you want to keep your Atlassian site group when syncing from your IDP to your organization.

Sync groups after you review

When we sync groups, we overwrite your organization and site groups with your IDP groups. This means that some users could lose or gain product access and permissions granted by the group.

You have the flexibility to sync one group at a time or to sync all groups at once.

To review and sync groups:

  1. Go to your organization at

  2. Navigate to Directory > User provisioning.

  3. A warning message appears in the Groups tab with a list of duplicate group names.

  4. Select Review groups and sync.

  5. Review member changes (members to be added or removed from the group).

  6. Select Sync group.

If you want to quickly sync all groups then click on Sync all groups and follow the prompts.

Group sync is complete

You know you’re done syncing when the number of synced groups listed in User provisioning matches the number of synced groups in your IDP.

Learn more about syncing in User provisioning or G Suite.