It would be ideal for Atlassian to use SSO/SAML and access is controlled via AAD groups, this might be a challenge with it having already been implemented and used in production.