Enable Atlassian Guard
10 min
Advanced
By the end of this lesson, you'll be able to:
- Demonstrate how to enable Atlassian Guard
- Summarize high-level steps to syncing users through an identity provider
Implement Atlassian Guard in your organization
In order to use Atlassian Guard features, you will need to:
- Verify a domain: To verify ownership of a domain, navigate to the Domains section within the Settings tab located in the admin hub.
- Claim user accounts for the verified domain: Claim some or all accounts also in the Domains section.
To enable Atlassian Guard:
- Go to admin.atlassian.com and select your organization.
- Select the Security tab.
- Select Start your 30-day free trial then confirm. After 30 days, the billing cycle will start and you will be billed for each managed account.
You can find the full billing details for Atlassian Guard in the subscriptions page, under the Billing tab in the admin hub.
Sync users with Atlassian Guard
Identity providers are applications that manage digital user identities, provide authentication services, and provision users to other applications. When you connect Atlassian Guard to an identity provider, admins can work with its directories, sync users and groups, and set user authentication policies.
👇 Click the boxes below to learn more about how you can use identity providers with Atlassian Guard.
Before you can provision users and groups, make sure that you enable Atlassian Guard and your identity provider is ready for provisioning.
👉 For example: Okta is your identity provider. It contains a folder containing users. Okta sends user identity data to Atlassian Guard. SCIM (System for Cross-domain Identity Management) communicates provisioning data between Okta and Atlassian Cloud. Atlassian Guard is the service provider between Okta and your Atlassian Cloud applications. The admin for the Okta creates the users and group.
To enable user provisioning from an identity provider:
- Go to admin.atlassian.com and select your organization.
- Under the Security tab, go to the Identity Provider section.
- Add an identity provider by selecting Add identity provider.
- Provide a name for your identity provider.
- Select Set up user provisioning then select Next.
- Copy the provided URL and key to your identity provider to set up SCIM and connect your identity provider.
- Select Next then select Stop and save SCIM configuration.
You can now see the number of synced groups and users from the Identity providers page.
You can link domains to an identity provider directory to assign users with that domain to be managed by that directory. If you have multiple identity providers provisioning the same user, you can choose which identity provider manages the user by linking a domain to an identity provider directory.
How was this lesson?
next lesson
Provisioning users and groups
- Enable user provisioning in your organization
- Provisioning users
- Provisioning groups
- Deactivate users from your IDP