Enterprise Application

billing greenique
February 12, 2024

Hi, I have been looking for some time in the Atlassian documentation for more information on the individual Enterprise Applications and their functions. When we set up Atlassian Access (with or without SCIM, depending), we currently use up to 3 applications within Azure: Atlassian, Atlassian Cloud, Atlassian Cloud (AzureAD sync). The customer wants to know what the individual applications are responsible for and what they control within Azure AD.
Unfortunately, the information is relatively sparse and maybe someone has more information from the official side or can tell me where to look for it.

2 answers

1 accepted

2 votes
Answer accepted
Ed Letifov _TechTime - New Zealand_
February 12, 2024

Hi @billing greenique 

Purely based on the list of names you have provided:

  • Atlassian – this is the app responsible for the "shortcut" "Login with Microsoft" login. You can't delete it (it will resurrect itself). You can disable it for your users by configuring it to require explicit assignment and then giving it to nobody or a select few – this, however, is bad UX (people will still reach and click and end up with a cryptic Azure AD error screen trying to tell them that "your admin didn't give this to you"). Instead you should assign to this app the same group that controls your ability to SSO into Atlassian Cloud, i.e. restrict it to those who should be allowed to use Atlassian Cloud, but not "everyone".
  • Atlassian Cloud – this is the app responsible for SSO and SCIM (you should really create a 2nd separate instance of this app for SCIM, and leave the 1st instance to only be responsible for SSO – for security reasons, giving you the ability to keep syncing user groups via SCIM but deny a user SSO, in the case of some forensic investigation). For SSO, it should have a group assigned separate from product access groups (e.g. some of your people may need SSO into Cloud, e.g. for this very Community and University, but not access to your products). SCIM then should be pushing both the SSO group and the product access groups (hence the need for the second app, since it pushes all assigned groups, i.e. from a single list, and here you need two lists: SSO only vs. SSO + access groups).
  • Atlassian Cloud (AzureAD sync) – this must be (I am guessing, as I never use this one) the newer app responsible for group sync via Microsoft Graph API (this allows you to sync more groups than SCIM, and I think nested ones too?)
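
An added example, not part of the original answer: a small audit of the group layout the answer describes, run over an export of the enterprise applications. The data is a constructed sample using the Microsoft Graph property names `appRoleAssignmentRequired` and `appRoleAssignedTo`; the group names and the second app's name "Atlassian Cloud (SCIM)" are assumptions.

```python
# Constructed sample shaped like Microsoft Graph servicePrincipal objects with their
# appRoleAssignedTo entries inlined. Group names and the SCIM app name are hypothetical.
APPS = [
    {"displayName": "Atlassian", "appRoleAssignmentRequired": False,
     "appRoleAssignedTo": []},
    {"displayName": "Atlassian Cloud", "appRoleAssignmentRequired": True,
     "appRoleAssignedTo": [
         {"principalType": "Group", "principalDisplayName": "atlassian-sso"}]},
    {"displayName": "Atlassian Cloud (SCIM)", "appRoleAssignmentRequired": True,
     "appRoleAssignedTo": [
         {"principalType": "Group", "principalDisplayName": "atlassian-sso"},
         {"principalType": "Group", "principalDisplayName": "jira-users"}]},
]


def groups(app):
    """Display names of the groups assigned to one enterprise application."""
    return {a["principalDisplayName"] for a in app["appRoleAssignedTo"]
            if a["principalType"] == "Group"}


def audit(apps, login="Atlassian", sso="Atlassian Cloud", scim="Atlassian Cloud (SCIM)"):
    """Return findings where the tenant deviates from the layout in the answer."""
    by_name = {a["displayName"]: a for a in apps}
    if sso not in by_name:
        return [f"{sso}: SSO app not found"]
    findings = []
    sso_groups = groups(by_name[sso])
    if not sso_groups:
        findings.append(f"{sso}: no SSO group assigned")
    if login in by_name:
        # The "Login with Microsoft" app should be limited to the SSO group.
        if not by_name[login]["appRoleAssignmentRequired"]:
            findings.append(f"{login}: assignment not required, any tenant user can use it")
        elif groups(by_name[login]) != sso_groups:
            findings.append(f"{login}: assigned groups differ from the SSO group")
    if scim not in by_name:
        findings.append(f"{scim}: missing, SSO and SCIM share one app instance")
    else:
        scim_groups = groups(by_name[scim])
        if not sso_groups <= scim_groups:  # SCIM must push the SSO group too
            findings.append(f"{scim}: SSO group is not pushed")
        if not scim_groups - sso_groups:   # ...plus the product access groups
            findings.append(f"{scim}: no product access groups pushed")
    return findings


if __name__ == "__main__":
    for finding in audit(APPS):
        print(finding)
```
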

 

billing greenique
February 12, 2024

Thank you for this detailed answer. I always find it very nice when the community is so active.

0 votes
Jehan Bhathena
Community Champion
February 12, 2024

Hi @billing greenique ,

Not quite sure why there are 2 Atlassian Cloud Apps,

Atlassian creates an app for the email permissions and the other for the Azure AD login.

In each Azure app, there are permissions associated with it, you can check along with your AzureAdmin to analyze that.

Do let us know if you find anything 😀 would be great info

DEPLOYMENT TYPE
CLOUD