Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-1023

Allow the site-admin role to be assigned to a provisioned group

    • 45
    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      The user provisioning feature provided by Atlassian Access allows organizations to centralized their group membership management via a third party AD.

      • Provisioned groups can be configured for product access settings (license)
      • Provisioned groups can be configured for application administration settings
      • Provisioned groups can be configured for application permission settings

      What is left to completely offload the group membership maintenance is the site-admin role. Organizations need to maintain a list of site-admin users locally on the cloud site instead of via a third party AD.

      Suggestion : When user provisioning is enabled, allow the site-admin role to be assigned to a custom provisioned group.

            [ACCESS-1023] Allow the site-admin role to be assigned to a provisioned group

            SET Analytics Bot made changes -
            Support reference count Original: 44 New: 45
            Mathias Richter made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 1038560 ]
            Mathias Richter made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 1037692 ]
            SET Analytics Bot made changes -
            Support reference count Original: 43 New: 44
            SET Analytics Bot made changes -
            Support reference count Original: 42 New: 43
            SET Analytics Bot made changes -
            Support reference count Original: 41 New: 42

            We push all users including admins with special admin accounts to SCIM/SSO. Entra ID allows us to do automated periodic review of groups and memberships. Being unable to assing site and org admin roles to SCIM groups means we have to manually manage and review access to those which are the most improtant priviledges in the org.

            Carl Dittloff added a comment - We push all users including admins with special admin accounts to SCIM/SSO. Entra ID allows us to do automated periodic review of groups and memberships. Being unable to assing site and org admin roles to SCIM groups means we have to manually manage and review access to those which are the most improtant priviledges in the org.
            SET Analytics Bot made changes -
            Support reference count Original: 40 New: 41
            SET Analytics Bot made changes -
            Support reference count Original: 39 New: 40
            SET Analytics Bot made changes -
            Support reference count Original: 38 New: 39

              Unassigned Unassigned
              rmacalinao Ramon M
              Votes:
              39 Vote for this issue
              Watchers:
              60 Start watching this issue

                Created:
                Updated: