[ACCESS-1497] Allow the Atlassian Account email address to be mapped to an attribute via Azure AD sync

Type: Suggestion
Resolution: Unresolved
Component/s: User Sync - Managed Accounts
Labels:
- RIBS-SHORT
- guard-s8

Support reference count:
9
Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

At the moment, the Azure AD sync will use the Azure AD email address and the UPN as fallback for the synced Atlassian Account email address.

SAML-SSO attribute setting in Azure AD allows to map the email address (unique user identifier) to certain attributes in Azure AD. User provisioning via SCIM also allows this.

This can lead to duplicate accounts if the SAML-SSO attribute mapped is not the primary email as used by Azure AD sync.

Suggestion
To match Azure AD sync with SAML SSO and avoid duplicate accounts, allow the Atlassian Account email address to be mapped to an Azure AD attribute via Azure AD sync

relates to

ACCESS-1560 Allow custom attribute mapping for Azure AD sync

Closed

mentioned in: Page Failed to load; Page Failed to load; Page Failed to load; Page Failed to load

Assignee:: Holly Makris (Inactive)

Reporter:: Ramon M

Votes:: 25 Vote for this issue

Watchers:: 23 Start watching this issue

Created:: 27/Mar/2023 1:07 PM

Updated:: 22/Mar/2025 4:00 AM

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates