Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How do I change an account's e-mail that is connected to SAML SSO?

Hi Atlassian Community happy Wednesday,

 

Our organization is looking to change the e-mail of an account belonging to another organization that has SAML SSO enabled. Our organization does not have SSO for Atlassian yet.

I cannot change their e-mail from User Administration, and the user cannot change their e-mail, they get the following message:

Log in with SAML enabled
Connected account
Your account is connected to a SAML account. Changing the email address here will disconnect your account from the SAML account.
Managed account
Your account uses single sign-on.
Contact your identity provider administrator to change your email address.

My goal is to change a user's email address so that they retain their historical ownership of Jira/Confluence content.

Questions: What is the best way to approach this, if the other organization disconnects access to the account, does it disconnect the SAML and leave the account in Atlassian intact as "Deactivated" or does it delete the Atlassian account as well?

Is there a way for the other organization in User Administration to disconnect a particular user from Atlassian SAML?

Thanks very much,

-Jake

2 answers

1 accepted

0 votes
Answer accepted

Atlassian support noted that, "this user would need to contact their Org admin, requesting them to either exclude their account from SSO, or update the email address"

Hi @Jake Budin 

As an administrator, you can change the email address from your Org admin hub. Just ensure that the domain is claimed in the Org where you want to implement the change of email. What you cannot do is change the email address of a user who's domain you've not claimed. So the first step here is ensure that the domain you're administering is already claimed in your Org before you could proceed to the next step.

Likewise, disconnecting or invalidating a domain claim, allows for another Org to claim and verify that domain. Atlassian access does not deactivates or deletes an account as a result of disconnecting a domain from your Org or removing the SAML.

Good day Prince,

 

The user is from another organization, the ability to change their e-mail address is greyed out from the Org admin hub. We cannot claim that domain because it is their domain.

The latter part of your comment is helpful, as you explain if a user is deprovisioned in SAML SSO, their Atlassian account is not deleted

Unfortunately, you won't be able to do anything since you don't have ownership of that domain.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Atlassian Access

Atlassian Access Demo Q&A Recap

Hi Community! Thank you to all who joined our ongoing monthly Atlassian Access demo! We have an engaging group of attendees who asked many great questions. I’ll share a recap of frequently ask...

470 views 1 4
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you