Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-1382

User deactivated via IDP can be reactivated from org

XMLWordPrintable

      Issue Summary

      A user deactivated via IDP can be reactivated by org admin without IDP intervention. 

      Steps to Reproduce

      • Synced a user via OKTA.
      • Deactivated this user via Okta. This deactivated the Atlassian account and marked the SCIM record as false.
      • Marked this user for deletion and canceled deletion via managed accounts.
      • This reactivated the Atlassian account, and the SCIM record was still marked as false. User account stays in the locked state, i.e., managed via IDP.

      Expected Results

      We should revert the Atlassian account to the previous state on canceling user deletion, i.e., deactivated state. As IDP manages the user account, we should allow reactivation of the account only via IDP. 

      Actual Results

      User accounts get reactivated, and SCIM record for the same stays inactive. However, the user account still shows managed via IDP under the managed accounts. 

      Workaround

      Will update the workaround as soon as available. 

              Unassigned Unassigned
              20d8b956adca Jayant Suneja (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: