Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Atlassian Access - Sync from AD specific group AND auto disable

Martynas Ramanauskas
Martynas Ramanauskas
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 22, 2019

Good day,

We are using Atlassian cloud.

We are using Atlassian Access. We want to sync users from AAD (Azure AD) but only which belongs to specif group. But we also want that if user is disabled in AAD - it would also be disabled in Atlassian.

We have successfully configured sync from specific AAD group. but how to make automatic disable?

Answer
Watch
Like Edgardo Safranchik likes this
3749 views

1 answer

1 vote
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
January 20, 2020

Colin, are the two companies using the same email domain?

SAML configuration in Atlassian Access is tied to an "organisation", that claims ownership over domains. During login the user is asked to enter their email, the domain of the email is checked against all domains claimed by organisations (across the whole Atlassian Cloud), the organisation is found and then that organisation's SSO is used (if configured).

The "organisation" is technically a logical/virtual record that is only tied to the real company by the domains it is linked to.

If your two sister companies are using different domains you should be able to create two organisations, claim these different domains in their respective organisations, and configure different SSO providers.

View More Comments
Colin Goudie
Colin Goudie
Contributor
January 20, 2020

No they are not.

At some point they may, but looking for the quickest wins.

Thinking I might provision Gsuite from 365 or visa versa ?

Like
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Champions.
Get recognized
January 20, 2020

SAML configuration in Atlassian Access is tied to an "organisation", that claims ownership over domains. During login the user is asked to enter their email, the domain of the email is checked against all domains claimed by organisations (across the whole Atlassian Cloud), the organisation is found and then that organisation's SSO is used (if configured).

The "organisation" is technically a logical/virtual record that is only tied to the real company by the domains it is linked to.

If your two sister companies are using different domains you should be able to create two organisations, claim these different domains in their respective organisations, and configure different SSO providers.

Like Jimmy Seddon likes this
Reply

Suggest an answer

Log in or Sign up to answer
Atlassian Guard
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security