Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-1832

Unlink SCIM synced groups instead of deleting them when the group is removed/unassigned in the IDP

XMLWordPrintable

    • 16

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Current behaviour
      When a synced group is deleted or unassigned from the Atlassian Cloud app in the identity provider, SCIM provisioning will delete the group from the Atlassian organisation/site.

      This can be problematic if a group was unintentionally removed or unassigned due to either user error or an issue in the identity provider, as there is no way to restore the deleted groups and any product roles or in-product permissions assigned to the group.

      Proposed solution
      Instead of deleting the group in Atlassian, it may be safer to unlink the groups from being synced with the identity provider when they are removed or unassigned. This would be similar to how we de-provision users - we deactivate their Atlassian account instead of deleting it.

      Once unlinked, the groups are managed within the organisation and an admin can choose to delete them permanently as an additional step. Or the can reprovision the groups from the identity provider side.

      It could either be made the standard behaviour or a provisioning configuration option.

            [ACCESS-1832] Unlink SCIM synced groups instead of deleting them when the group is removed/unassigned in the IDP

            SET Analytics Bot made changes -
            Support reference count Original: 15 New: 16
            SET Analytics Bot made changes -
            Support reference count Original: 14 New: 15
            SET Analytics Bot made changes -
            Support reference count Original: 13 New: 14
            SET Analytics Bot made changes -
            Support reference count Original: 12 New: 13
            SET Analytics Bot made changes -
            Support reference count Original: 11 New: 12
            SET Analytics Bot made changes -
            Support reference count Original: 10 New: 11
            SET Analytics Bot made changes -
            Support reference count Original: 9 New: 10
            SET Analytics Bot made changes -
            Support reference count Original: 8 New: 9
            SET Analytics Bot made changes -
            Support reference count Original: 7 New: 8
            Habeel Bakshi made changes -
            Comment [ https://getsupport.atlassian.com/browse/PCS-385228 ]

              Unassigned Unassigned
              914454cc4509 Alfred A
              Votes:
              12 Vote for this issue
              Watchers:
              20 Start watching this issue

                Created:
                Updated: