Managing users in Atlassian manually, especially in situations with large numbers of users, is time-consuming and prone to human error. With employees joining various departments and projects on a regular basis, a lot of time is spent on managing users with the access they need which can lead to users being provisioned incorrectly.
miniOrange User Provisioning for Atlassian applications comes packed with a variety of powerful features. With the miniOrange User Provisioning app, employee/user accounts can be created, updated, deleted, and given proper access across multiple applications at the same time. The procedure of adding, updating, and deleting users, as well as managing their access, is automated.
When it comes to Atlassian products such as Jira, Confluence, and Bitbucket you can use Just-in-time provisioning provided with the Single Sign-On functionality of Atlassian Data Center. The native SSO functionality of Atlassian allows you to update the users and their groups at the time of SSO login. However, for most enterprises, this does not fulfill the overall requirement.
Atlassian SSO updates users and groups only at the time of SSO (Just in Time Provisioning).
Most Atlassian customers implementing SAML use the attributes sent in the SAML response to provision users just-in-time.
Using Just In Time (JIT) Provisioning, you receive all group and user information from your Identity Provider. JIT provisioning will remove any existing Jira or Confluence groups that are not in the SSO response. Managing a few groups within Jira or Confluence will never work in this scenario. If you are manually managing some groups, that will not work with Atlassian SSO. This is one of the shortcomings of Atlassian’s provisioning model and may not be an ideal solution for Enterprises.
In this article, we will go over the top provisioning features that you won’t find in Atlassian’s inbuilt User Provisioning in Data Center – but you will find in miniOrange’s User Provisioning App.
Let’s see what the miniOrange User Provisioning app offers along with Just-in-time provisioning:
According to some estimates, approximately 30% of all Atlassian user licenses are unused. This happens because users that leave the organization or change roles don’t have their accounts deactivated in a timely manner. Atlassian users whose accounts haven’t been deactivated can have negative consequences, like exceeding license limits leading to an increase in licensing costs and retaining access from former employees – posing major security concerns.
Just-in-Time provisioning cannot be used to deactivate the user since the SSO process involves active user accounts. You can manually remove the user from the Jira group but it will still consume the licenses.
With the help of our User Provisioning Add-on, you can automatically deactivate and delete multiple users from specific groups. Users can be automatically deleted based on their status in the directory.
Apart from this, the miniOrange User Provisioning App offers a wide range of features focusing on provisioning users from your IDP directory into Atlassian Applications. Below is the detailed comparison of the miniOrange User Provisioning app with native Atlassian.
Ready for the action? Install User Sync today!
It’s really easy to manage users via our developed user provisioning add-ons which can be connected with your IDPs (Azure AD, Okta, OneLogin, G suite, Keycloak) or any other SCIM compliance applications so when you setup your Jira Azure AD SCIM or Jira Okta SCIM, user sync plugin will make it a cakewalk for you. Follow the guide to quickly set it up for the Data Center version.
The add-on also works with Single Sign On where SSO is used for authentication and User sync application is used for automatic provisioning.