Hi all,
I successfully configured SAML SSO via our Entra-ID directory (as for now without auto-provisioning). However, as a last step during the SSO configuration the opportunity was given to link Entra-ID directory with one or multiple managed domains. I skipped it for now because I wasn't sure about the impact, so I want so ask some questions:
1. Can you tell me what actually happens if I set up the link? Does it sync every Entra-ID directory user to the local directory or a separate directory of my Atlassian tenant (does ist work similar than auto-provisioning)?
2. What will happen with UPNs from Entra-ID with a different domain part than the managed domain in our Atlassian tenant? Will they be ignored because they differ?
3. Is there a way to have an automatic fallback to local authentication (e.g. when there are service degradations at the identity provider's site) or do I have to maually swap all users back to the local directory authentication policy?
Thanks in advance!
