Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-1521

Atlassian Cloud App in Okta doesn’t sync group memberships unless pushing them manually

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Answered
    • Icon: Low Low
    • Group Sync
    • None

      Issue Summary

      Atlassian Cloud App in Okta doesn't sync group memberships to Atlassian unless pushing them manually. Deactivating users and changing group memberships on Okta does not trigger pushing group memberships. Therefore differences in group membership can occur between Atlassian and Okta. Pushing them manually would not be ideal because enterprise users might need to do it for thousands of groups.

      Steps to Reproduce

      1. Configure the user provisioning between Atlassian and Okta
      2. Deactivate users and change group memberships on Okta

      Expected Results

      Deactivating users and changing group membership on Okta etc., trigger pushing group memberships.

      Actual Results

      The user's deactivation status is immediately synced to Atlassian, but nothing triggers pushing group memberships. It can be done manually from the [Push group] tab on Atlassian Cloud App in Okta.

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

            [ACCESS-1521] Atlassian Cloud App in Okta doesn’t sync group memberships unless pushing them manually

            Fumiya Okazaki(DeNA) added a comment -

            I asked Okta to raise a request ticket.
            I will link below.
            https://ideas.okta.com/app/#/case/182199

             

            Fumiya Okazaki(DeNA) added a comment - I asked Okta to raise a request ticket. I will link below. https://ideas.okta.com/app/#/case/182199  

            Fumiya Okazaki(DeNA) added a comment -

            Thank you for your comment. We will continue to make feature requests to Okta, but we also consider this a general improvement request when using Okta and Atlassian Accesss.
            We hope that Atlassian will also communicate with Okta as a request for OIN function improvement and quality improvement.

            Fumiya Okazaki(DeNA) added a comment - Thank you for your comment. We will continue to make feature requests to Okta, but we also consider this a general improvement request when using Okta and Atlassian Accesss. We hope that Atlassian will also communicate with Okta as a request for OIN function improvement and quality improvement.

            FellowJitster added a comment -

            I think this is best addressed by adding a toggle on Okta's side to enable/disable this behavior on a per directory basis as we cannot change the default behavior for all customers. My recommendation would be to open a feature request for this on Okta side.

            FellowJitster added a comment - I think this is best addressed by adding a toggle on Okta's side to enable/disable this behavior on a per directory basis as we cannot change the default behavior for all customers. My recommendation would be to open a feature request for this on Okta side.

            Fumiya Okazaki(DeNA) added a comment -

            We are affected by a bug in the content of this ticket. What is the reason why the status is Close?

            Fumiya Okazaki(DeNA) added a comment - We are affected by a bug in the content of this ticket. What is the reason why the status is Close?
            SET Analytics Bot made changes -
            Support reference count New: 1
            Yang Li made changes -
            Resolution New: Answered [ 9 ]
            Status Original: Needs Triage [ 10030 ] New: Closed [ 6 ]
            K. Tajima created issue -

              Unassigned Unassigned
              3fb4e7e36438 K. Tajima
              Affected customers:
              1 This affects my team
              Watchers:
              8 Start watching this issue

                Created:
                Updated:
                Resolved: