Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,295,486
Community Members
 
Community Events
165
Community Groups

How To: Atlassian Access - Configure User Provisioning with a Third-Party Identity Provider

This guide will walk you through the process of configuring User Provisioning with a Third-Party Identity Provider for your Atlassian Cloud organization.

For your convenience, there is a video version of this guide at the bottom of this article this will show you how to follow these steps. Also, each of the headings are hyperlinked to the specific time interval in the companion video where that topic is covered.

Before you begin, there are some things you will need or assumptions I will be making about what you have access to as a part of this tutorial. If you don’t have the ability to change or update something that is included in this guide you will either need to find someone that has the ability to perform certain steps or can give you the access you need to perform those steps.

Prerequisites:

  • You are going to need to be an Atlassian Organization Administrator for you Atlassian Cloud Organization.

  • You are going to need to have a subscription to Atlassian Access.

  • In order to modify managed users, you will need to have already verified your domain and claimed your domain accounts. (Follow this guide if you haven’t completed that step yet)

  • You are going to need to have a Third-party identity provider setup to the point where you have users and/or groups to be provisioned into your Atlassian Cloud instance.

Configure User Provisioning with an Identity Provider

You may wish to also refer to the Atlassian Documentation for setting up SAML as there are guides for every supported identity provider and this guide will only be covering Microsoft Azure AD:

https://support.atlassian.com/provisioning-users/docs/configure-user-provisioning-with-an-identity-provider/

In addition, I won’t be covering how to setup Azure AD that is outside the scope of this guide. This guide will cover the things you will need to know with Microsoft Azure that relate to setting up the integration between Azure AD and Atlassian Access.

Adding Atlassian Cloud app in Azure AD

  • Start by logging into Azure: https://portal.azure.com/#home

  • Then click on the “Azure Active Directory” tile on the home page.
    AzureADPortalScreen.JPG

  • Next, click on “Enterprise Applications“ in the left hand menu, followed by “+ New application” from the top menu.
    AzureAD_NewApp.JPG

  • “Atlassian Cloud“ should be in the featured applications list, but if it isn’t there use the search bar to find it. Once you have, click on the tile for it. Then, in the right hand popup menu click the create button (you can change the name if you want to, but I’d recommend leaving it at the default of “Atlassian Cloud”).
    AzureADAtlassianCloud.JPG

  • It will take a couple of minutes to create the new application. Once it’s finished it will take you to the Atlassian Cloud application overview page. From here, we want to click on the “Assign users and groups“ link for “1. Assign users and groups“

Assign Users and Groups

  • On the next page click the “+ Add user/group“

  • On this page you will want to select all the users and groups that you would like to make available for provisioning.
    AzureAD_SelectUsers.JPG

  • Click on the “None Selected“ link, then click on all the users/groups in the right hand popup menu and click the select button at that bottom. Then, click the “Assign“ button in the bottom left of the main page.
    AzureAD_SelectedUsers.JPG

Setting up User Provisioning Settings

  • Select “Provisioning“ from the left hand menu. Then, click the “Get started“ button.
    AzureAD_SetupUserProvisioning.JPG

  • On the next page, change the Provisioning Mode to “Automatic“.
    AzureAD_UserProvisioningAutomatic.JPG

Create a User Provisioning API token in Atlassian Access

  • Login to your Atlassian Organization Admin page, which you can do by going to https://admin.atlassian.com, then selecting the Organization you wish to manage.

  • Next, you will want to navigate to the Settings → User provisioning menu options
    AtlassianAdmin_UserProvisioning.JPG

  • Click on the “Create a directory“ button.

  • On the next, screen enter a name for your directory. Then, click the “Create“ button.
    AtlassianAD_CreateDirectory.JPG

  • NOTE: Please copy the values on the next page to somewhere safe! As soon as you leave this page You can’t access these values again and you will need to delete the directory and start again.
    AtlassianAdmin_UserProvisioningAPI.JPG

  • You will need to copy the “Directory base URL“ value and place it in the “Tenant URL“ field in the Azure AD Provisioning page.

  • You will need to copy the “API key“ value and place it in the “Secret token“ field in the Azure AD Provisioning page.

  • Once you have copied both values, press the “Test Connection“ button. If it reports success, click the “Save“ button at the top of the page.
    AzureAD_TestConnection.JPG

  • If you were not successful, try copying the values again.

Configure product access for the provisioned groups and users

  • Once you have successfully saved the provisioning settings, use the breadcrumb navigation to go back to the “Atlassian Cloud“ app overview.

  • If you aren’t on the “Provisioning“ page, use the left hand menu to go to that page.

  • In the top menu click on the “Start provisioning“ button.
    AzureAd_StartProvisioning.JPG

  • Once successful, go back to the Atlassian Organization Admin page.

  • Click the “Done“ button on the directory setup page.

  • It can take some time for the sync to happen, but you should at some point see synced users & groups.
    AtlassianAdmin_SyncdUsers.JPG

  • If you go back to the Azure Portal, and click the refresh button, you should also see the same number of users & groups listed as provisioned from the Azure side as well.
    AzureAD_ProvisionedUserResults.JPG

2 comments

Excellent article!

Like Jimmy Seddon likes this
Eduardo Oliveira Marketplace Partner Jun 21, 2022

Great article @Jimmy Seddon

Like Jimmy Seddon likes this

Comment

Log in or Sign up to comment
TAGS
Community showcase
Published in Atlassian Access

Atlassian Access Demo Q&A Recap

Hi Community! Thank you to all who joined our ongoing monthly Atlassian Access demo! We have an engaging group of attendees who asked many great questions. I’ll share a recap of frequently ask...

1,121 views 3 4
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you