So I want to implement SAML from Azure AD to Atlassian. When I verify the domain I see all the staff who have individually signed up to Atlassian using the same domain name. I have set the Product Access to automatically assign the new site to users logging in from that domain. However this doesn't seem to work - presumably because the user already exists without site access. Should I delete all the existing users and get them to sign in again or is there a way to assign site access to these existing users.
Hi @Marlo Atlassian, if you have configured Site Access to allow any user to join the site from the domain, you should not need to delete existing users. However it is a "just-in-time" joining, so users need to actually visit the site for the first time before they will be added.
You can assign them manually by simply inviting them to the site. https://confluence.atlassian.com/cloud/invite-edit-and-remove-users-744721624.html
If you have SAML SSO set up, it should be no different. When the user visits the site for the first time, they will be redirected to your SSO provider to log in. If the user doesn't have an Atlassian account, we will create one on the fly. Whether or not we have to create a new account, it should be added to the site if the Site Access settings are correct.
I just posted an answer to you other post - giving you all the pointers you'd need. https://community.atlassian.com/t5/Jira-questions/Custom-SAML-Plugin-Feasibility-in-Atlassian-Jira-and-confluence/qaq-p/1169891
Hi Community! Thank you to all who joined our ongoing monthly Atlassian Access demo! We have an engaging group of attendees who asked many great questions. I’ll share a recap of frequently ask...