Atlassian Team member - provisioning or syncing with Entra ID (Azure)

Simon Sahli September 10, 2024

Hello Atlassian community,

I was wondering if there is anyway to sync or provision Atlassian Team members from Entra ID (Azure Microsoft)? 
Or if not if I could use API and scripting to achieve that in any way?

The reason for my question is that we might want to setup these teams for the entire company, but we do not really want to manage the members of these teams manually. We want that the group memberships are based from Entra ID, where all the teams always will always be up to date.

 

Reference for my question: What is an Atlassian team? | Atlassian Support


Please let me know if you if there is anyway to sync Atlassian Teams or if it is currently purely a manual creation and maintenance.
Thanks in advance!


Best regards,
Simon

1 answer

0 votes
vikram
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 27, 2024

Hi @Simon Sahli 

I think yes, it is possible.

Please go through the below Knowledge Document for configurations from Microsoft Entra ID Azure and Atlassian Tool.

https://learn.microsoft.com/en-us/entra/identity/saas-apps/atlassian-cloud-provisioning-tutorial

Vikram P

Simon Sahli September 27, 2024

Hi @vikram
and how would I address the "Atlassian Teams". 
I know about the user and group attributes, but there is nothing mentioned about the teams or?

Best,
Simon

Jean-Philippe Lachance
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
September 27, 2024

+1 @Simon Sahli 

Hello @vikram

I think there was a miss-understanding of the question.

In Atlassian, we have teams in:

In a tool like GitHub, a GitHub team can be linked to an underlying SSO group.

https://docs.github.com/en/enterprise-cloud@latest/organizations/organizing-members-into-teams/synchronizing-a-team-with-an-identity-provider-group

My feeling is that a similar feature is required in Atlassian, so businesses can start to maintain only one Team definition in their SSO directory, let SCIM configure other systems.

Otherwise, businesses are forced to create automations to sync Teams with a source of truth. Such custom automation should not be required, should instead be handled by the SCIM protocol.

From a recent meeting I had with a Compass sales team, they know this is an issue, they want to build a solution, it's simply not there yet. Maybe they need the community to push for it a bit more.

Best,

JP

Like # people like this
Simon Sahli September 27, 2024

Hi @Jean-Philippe Lachance
exactly!
Instead of creating and maintaining the team within Atlassian, which are usually departments or teams that are already registered in the Entra ID (or any other SCIM), it would be better if we can provisioned them as it is possible for groups already.

We could then use these teams, for example, in mentions in Confluence pages.

If this is considered a change, then please create a change request or send me the existing change so I can watch and vote for it.
Thanks!

Cheers,
Simon

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events