I have an Confluence server installation and have integration with Azure AD via Confluence SAML SSO by Microsoft - but I can't figure out the user provisioning.
I have a AD group with me in it, but every time I log in I get "User is not available in Confluence. Please contact your Confluence admin"
How should I provision users from my corporate Azure AD?
Hope someone can help.
Welcome to the Atlassian community. This is Prakash here from miniOrange,
we have an automated user provisioning app which can solve your problem
You can take a look at our SAML SSO app & User Sync app.
Please reach out to miniOrange at firstname.lastname@example.org or using the customer portal and the team will help you out to configure the plugin as per your requirements.
to my knowledge, the free Microsoft Plugin does not support any user provisioning at all. It only supports authentication (of existing users).
In order you to provision users you may have to use third-party plugins like ours, where you would have a choice between:
- Users Sync & Groups Sync Confluence
This is a plugin providing provisioning capabilities to many common IdPs including Azure AD. You could use this in conjunction with the Microsoft Plugin.
- SAML Single Sign On SAML SSO Confluence
This plugin already includes all the Users Sync functionality from the above Plugin and also includes the capability to do SAML Authentication. You then no longer would need the Microsoft one.
It's the most used one in the Atlassian Ecosystem and has a variety of additional features compared to the Microsoft SAML Plugin.
Besides ours, there are some other plugins in the Marketplace - you should get a good overview here: https://marketplace.atlassian.com/search?query=saml
If you want to get an impression of the Configuration of our plugin - here is a link to our Step-by-Step Guide with Azure AD (including a Tutorial Video): https://wiki.resolution.de/doc/saml-sso/latest/jira/setup-guides-for-saml-sso/azure-ad/azure-ad-with-user-sync
P.S. Full disclosure, I work for resolution, a marketplace vendor.
No that is not necessary.
There is a setting called "Groups mandatory to sync" in the Advanced settings of the Azure AD connector, where you can limit which users are being sync'd. Then only users in that(those) group(s) will be synchronized.
More details here: https://wiki.resolution.de/doc/usersync/latest/knowledge-base/group-management-and-filtering-with-user-sync#id-.GroupManagementandFilteringwithUserSyncv1.1.x-MandatoryGroups
Hi Community! We're thrilled to share that Team Calendars for Confluence is now a built-in feature for Confluence Data Center releases 7.11 and beyond. A long time favorite, Team Cale...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events