Supported identity providers

Some Atlassian Guard Standard (formerly known as Atlassian Access) features, such as user provisioning and single sign-on, require a third-party identity provider. You can use the identity provider of your choice, but some capabilities are only available with selected identity providers. Learn how to connect an identity provider

SCIM user provisioning

If you don’t want to use a supported identity provider, you can also use the user provisioning API to create your own integration to manage users and groups. Learn about the user provisioning REST API

User provisioning is available for most products, but syncing group memberships is only available for Jira product instances and Confluence.

Single sign-on

If you don’t want to use a supported identity provider, you can use any other identity provider as long as it implements SAML 2.0. We only provide guidance for supported identity providers.

You can’t use OpenID Connect for single sign-on.

Connecting multiple identity providers

An Atlassian Guard Standard subscription allows you to connect one identity provider.

An Enterprise plan allows you to connect multiple identity providers. Atlassian Guard Standard is included with your Enterprise plan at no extra cost.

Nested group considerations

If you're migrating from Data Center, you may need to handle nested groups. This could affect your choice of identity provider. Learn about preparing nested groups for a Cloud migration