Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

User Provisioning and adding to a group with a SCIM-incompatible identity provider (Keycloak)


This issue is quite tricky, so I'll try to keep it short and to the point. 

The client's identity provider is Keycloak, which isn't compatible with SCIM. However, user approbation can be automated and SAML-SSO is ok, which is great.

I'm trying to find a way to automatically add the newly self-added-user to a group.

The only thing I can think of is "sending a custom SAML attribute to Atlassian Access containing the user's group from Keycloak", then "somehow retrieve said attribute and add user to the right group, maybe with some ScriptRunner?".

Trouble is, I'm not even sure it's possible, or if there could be a better way to do things.

From what I said: are you inspired with a solution ?

Thank you very much in advance for any kind of help,


0 answers

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Atlassian Access

Atlassian Access Demo Q&A Recap

Hi Community! Thank you to all who joined our ongoing monthly Atlassian Access demo! We have an engaging group of attendees who asked many great questions. I’ll share a recap of frequently ask...

1,152 views 4 4
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you