This is for Atlassian Guard but I can't select that...for whatever reason.
Im at the point of verifying my domain to start the installation of Gaurd on my instance but I'm just wondering what happens if I select a group - with three users in it - what happens to the other 97 users in the "administration" section.
Do they remain untouched or do these account just not work any more as the "group" now becomes the point of truth, so to speak?
Thanks in advance
Hello @Tim Kennett
97 users shouldn't stop working just because you verified the domain.
The main thing is to make sure you don't accidentally replace or sync the wrong group that controls product access.
Controls product access?
Do you know where I can find that? We dont have anything sync'd to Azure or AD.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
By "product access group," I mean the group granting Jira/Confluence licenses under admin.atlassian.com → Directory → Groups.
So when you aren't syncing Azure AD, your cloud groups are the sole source of truth. Testing an Atlassian Guard policy on a new 3-user group will only affect those 3 people. The remaining 97 users will be completely safe, as long as you leave their original access group intact and apply the new policy only to the test group.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Arkadiusz.
One more question. I'm guessing that "Identity Providers" isn't the same thing as verifying your Domain?
If we apply the same logic I was asking before does this still work? So under Admin -> Security -> Security Guide -> Identity Providers
it seems to be.
Tim
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You're right. Domain verification proves ownership for account management, but doesn't automatically remove users or strip product access. Access is controlled by your internal Atlassian groups. SSO and provisioning only work if you connect an IdP like Azure AD or Okta.
When testing Atlassian Guard, start with a small, separate policy for test users. Avoid linking the whole domain to an IdP until you understand the impact.
Best,
Arkadiusz 🤠
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Controls product access?
Do you know where I can find that?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.