Terms associated with identity providers

Identity provider and directories


Identity provider

Stores and manages digital user identities.

Identity provider directory

A directory we create in your Atlassian organization to manage user identities and authentication services from an identity provider.

Local directory

A directory with users who are manually invited, or who sign up for Atlassian products.

Atlassian organization

Your Atlassian organization brings together your company’s users and products. You manage the Atlassian accounts of your employees and the products that belong to your organization.

Provision user


User provisioning

User provisioning integrates an external user directory with your Atlassian organization. This integration allows you to automatically update the users and groups in your Atlassian organization when you make updates in your identity provider.

System for Cross-Domain Identity Management (SCIM)

SCIM, or System for Cross-domain Identity Management, is an open standard that allows for the automation of user provisioning.

Group sync

Group syncing allows you to sync user groups from your identity provider to Atlassian organization.

User lifecycle management

Automatically provision, give users product access and deprovision them from Atlassian products.

Managed accounts

All the Atlassian accounts with email addresses from your verified domain become managed accounts. Managed accounts give you security and access control over your company’s use of Atlassian products.

Unmanaged accounts

Users whose email addresses are from an email domain that you have not verified and claimed as part of an Atlassian organization.


Includes managed and unmanaged accounts.

Linked domain

A linked domain is a domain you associate with an identity provider directory. With a linked domain you specify which directory manages a user’s identity.

Authenticate user, portal-only customer


Security assertion mark up language (SAML)

SAML is an acronym used to describe the Security Assertion Markup Language. The SAML protocol enables secure authentication between identity providers and service providers (Atlassian cloud).

SAML single sign-on (SSO)

SAML single sign-on (SSO) allows your users to authenticate to Atlassian cloud products through your company's existing identity provider. This means they can access multiple tools with the same set of credentials.

Just-in-time provisioning

With Just-In-Time user provisioning (JIT provisioning) we automatically create and update Atlassian accounts when they log in through SAML SSO.

Default authentication policy

We create a default authentication policy for your Atlassian organization. The default policy contains login settings for its members. When we sync new accounts, we add them as members to the default authentication policy.

Portal-only customer (Jira Service Management)

Customers with portal-only accounts access portals in your Jira Service Management help center. Portal-only customers can raise requests, view knowledge-base articles and send email requests. Portal-only customers don’t count towards your product license count because they have no access to your Atlassian cloud products.

Authentication (Jira Service Management)

Authentication settings contain login options for your portal-only customers, and include single sign-on and password authentication methods.

Still need help?

The Atlassian Community is here for you.