Provision and sync users from an identity provider
Make changes in your identity provider to users and groups and sync them to your Atlassian organization.
You can connect an identity provider and configure single sign-on for your portal-only customers (Jira Service Management) when you subscribe to Atlassian Guard. Read more about connecting an identity provider to customers.
Who can do this? |
Connect your identity provider to your Atlassian organization by configuring user provisioning and user authentication. You can choose to configure both user authentication and provisioning or to configure only one. It doesn’t matter the order you configure them in.
If you only set up user provisioning then your users can’t log in with single sign-on.
If you only set up single sign-on then you’re unable to deactivate users from your identity provider.
To connect an identity provider using SAML single sign-on:
Go to admin.atlassian.com. Select your organization if you have more than one.
Select Security > Identity providers.
Select the Directory for your identity provider.
Select set up SAML single sign-on.
If you provision users with SAML Just-In-Time, select domains to link to the Directory.
Save your SAML configuration.
Learn how to configure SAML single sign-on
To connect an identity provider using SCIM provisioning:
Go to admin.atlassian.com. Select your organization if you have more than one.
Select Security > Identity providers.
Select the Directory for your identity provider.
Set up SCIM configuration.
Save your SCIM configuration.
Learn how to configure SCIM provisioning
To enforce single sign-on with Google Workspace:
Go to admin.atlassian.com. Select your organization if you have more than one.
Select Security > Authentication policies.
Select Edit for the policy you want to enforce.
Select Enforce single sign-on.
Was this helpful?