Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,370,031
Community Members
 
Community Events
168
Community Groups

How do I change an account's e-mail that is connected to SAML SSO?

Hi Atlassian Community happy Wednesday,

 

Our organization is looking to change the e-mail of an account belonging to another organization that has SAML SSO enabled. Our organization does not have SSO for Atlassian yet.

I cannot change their e-mail from User Administration, and the user cannot change their e-mail, they get the following message:

Log in with SAML enabled
Connected account
Your account is connected to a SAML account. Changing the email address here will disconnect your account from the SAML account.
Managed account
Your account uses single sign-on.
Contact your identity provider administrator to change your email address.

My goal is to change a user's email address so that they retain their historical ownership of Jira/Confluence content.

Questions: What is the best way to approach this, if the other organization disconnects access to the account, does it disconnect the SAML and leave the account in Atlassian intact as "Deactivated" or does it delete the Atlassian account as well?

Is there a way for the other organization in User Administration to disconnect a particular user from Atlassian SAML?

Thanks very much,

-Jake

2 answers

1 accepted

0 votes
Answer accepted

Atlassian support noted that, "this user would need to contact their Org admin, requesting them to either exclude their account from SSO, or update the email address"

0 votes

Hi @Jake Budin 

As an administrator, you can change the email address from your Org admin hub. Just ensure that the domain is claimed in the Org where you want to implement the change of email. What you cannot do is change the email address of a user who's domain you've not claimed. So the first step here is ensure that the domain you're administering is already claimed in your Org before you could proceed to the next step.

Likewise, disconnecting or invalidating a domain claim, allows for another Org to claim and verify that domain. Atlassian access does not deactivates or deletes an account as a result of disconnecting a domain from your Org or removing the SAML.

Good day Prince,

 

The user is from another organization, the ability to change their e-mail address is greyed out from the Org admin hub. We cannot claim that domain because it is their domain.

The latter part of your comment is helpful, as you explain if a user is deprovisioned in SAML SSO, their Atlassian account is not deleted

Unfortunately, you won't be able to do anything since you don't have ownership of that domain.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events