Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Verify Domain - Old users vs New Group users in Guard

Tim Kennett
Contributor
June 21, 2026

This is for Atlassian Guard but I can't select that...for whatever reason.

 

Im at the point of verifying my domain to start the installation of Gaurd on my instance but I'm just wondering what happens if I select a group - with three users in it - what happens to the other 97 users in the "administration" section.

Do they remain untouched or do these account just not work any more as the "group" now becomes the point of truth, so to speak?

Thanks in advance

2 answers

1 accepted

2 votes
Answer accepted
Arkadiusz Wroblewski
Community Champion
June 21, 2026

Hello @Tim Kennett 

97 users shouldn't stop working just because you verified the domain.

The main thing is to make sure you don't accidentally replace or sync the wrong group that controls product access.

Tim Kennett
Contributor
June 21, 2026

Controls product access? 

Do you know where I can find that? We dont have anything sync'd to Azure or AD. 

Arkadiusz Wroblewski
Community Champion
June 21, 2026

By "product access group," I mean the group granting Jira/Confluence licenses under admin.atlassian.com → Directory → Groups.

So when you aren't syncing Azure AD, your cloud groups are the sole source of truth. Testing an Atlassian Guard policy on a new 3-user group will only affect those 3 people. The remaining 97 users will be completely safe, as long as you leave their original access group intact and apply the new policy only to the test group.

 

Like Tim Kennett likes this
Tim Kennett
Contributor
June 22, 2026

Thanks Arkadiusz.

One more question. I'm guessing that "Identity Providers" isn't the same thing as verifying your Domain? 

If we apply the same logic I was asking before does this still work? So under Admin -> Security -> Security Guide -> Identity Providers

it seems to be. 

Tim

Like Arkadiusz Wroblewski likes this
Arkadiusz Wroblewski
Community Champion
June 22, 2026

@Tim Kennett 

You're right. Domain verification proves ownership for account management, but doesn't automatically remove users or strip product access. Access is controlled by your internal Atlassian groups. SSO and provisioning only work if you connect an IdP like Azure AD or Okta.

When testing Atlassian Guard, start with a small, separate policy for test users. Avoid linking the whole domain to an IdP until you understand the impact.

Best,

Arkadiusz 🤠

0 votes
Tim Kennett
Contributor
June 21, 2026

Controls product access? 

Do you know where I can find that?

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events