Sporadic user issues signing into Atlassian cloud products, using our SSO idp (ADFS). Seeing different users experience issues with Atlassian only (other SSO sign ins to 3rd party clouds successful). Early indications were it was related to local client time sync, however not able to replicate by manually forcing drift and logging in from my own machine, consistently works.
One user went through SSO and 2FA fine and was rejected, we ran a time sync then retried and they were authed without repeating the SSO logon, suggesting the SAML token was reused form the first attempt and succeeded on the 2nd try. Is there some config in the Atlassian side that allows for time drift we can configure, or something we can do to check the reason for the failures?