Hello,
When trying to set-up connection to our identity provider (Entra), we are given a choice for provisionning users : manual using SCIM and automatic without SCIM.
When picking manual with SCIM, the dropdown to select a domain is empty and the domain is not validated at the end of the process.
The provisioning still works afterwards, with users from Entra being created in Atlassian, but without a validated domain, I can't look at the managed accounts (it asks to link a domain), or set up an authentification policy (it also asks to link a domain), and clicking on "Verify domain" just takes me back to the identity provider setup that is already done. And attempting to use "Link domain" on the member directory shows an empty dropdown.
So the directory shows asynced group, shows that an authentification policy exists (but clicking on it does not work) and shows no linked domain :
I feel like I must be missing something but can't figure out what and no online documentation seems to address this.
Thank you very much.
Welcome to the Atlassian Community @Fares Turki you should remove the Directory and the IdP and then start again. This is the only solution right now as suggested by @Hector Menchaca
Thank you Monika, I tried again but as long as I use the manual provisioning, I always end up in this situation.
I had a quick chat with support and it seems it's normal and I have to verify the domain using another method when doing manual provisionnin.
It's not clear why and the UX does not communicate that at all.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello @Fares Turki ,
Welcome to the Atlassian Community!
Have you tried to remove the Identity Provider/Directory and start again the integration?
Yeah - it looks like what you are missing is the most pivotal step of everything that is "verify the domain", so not sure how it let you do that.
Try to remove the Directory and the IdP and then start again.
Thanks!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
It turns out that this is intended behaviour and when using the SCIM, you have to verify the domain some other way, you can't verify the domain through the IdP.
It's not clear to me why but it's the way it is.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.