Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-1129

Add audit log when IDP synced user is removed from group in idp


    • Icon: Suggestion Suggestion
    • Resolution: Unresolved
    • Audit Log
    • None
    • 7
    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Issue Summary

      Missing log events:

      1. IDP synced user removed from the group at IDP deactivates the account. The user's group removal is logged in the audit log but the user's deactivation event is not logged.
      2. When a Managed account gets deactivated due to Atlassian's "Export Control - Compliance Policy", the user gets the following notification:
        Dear Atlassian user,
        U.S. law prohibits Atlassian, an Australian corporation with offices in the United States, from providing you with access to our products and services. After analyzing the applicable lists of restricted parties maintained by the U.S. Government, we were unable to confirm that your name was not affiliated with a restricted party. If this is a case of misidentification, please reply with two different copies of official documentation to verify your identity.
        Official documentation includes, but is not limited to, a government-issued drivers license or identification card, passport, utility bill, mortgage or bank statement, etc. Please make sure your full name and address are clearly visible.
        We look forward to your reply.

        However, this data is not recorded in the Org Audit logs so it becomes difficult for the Org Admins to understand why the Account was disabled.

      Steps to Reproduce

      1. Remove an IDP synced user from all IDP synced groups, this will deactivate the user
      2. deactivated account event is not logged in audit logs through the user's group membership removal is logged. 

            Unassigned Unassigned
            probbins@atlassian.com Peter Robbins
            12 Vote for this issue
            5 Start watching this issue