At this moment, when Managed Users are provisioned via SCIM from an Identity Provider, the Public Name field remains unlocked.

Steps to Reproduce

1. Sync a user registered in one of the verified domains from an Identity Provider.
2. As the user, log in at https://id.atlassian.com/manage-profile/profile-and-visibility 

Expected Results

The Public Name field should be locked so end-users shouldn't be able to change it. 

Actual Results

The end user is capable of changing the Public Name freely:

Workaround

As mentioned in ACCESS-1229, the SCIM API accepts the 'nickName' attribute, which will update the end-user Public Name when synced from the Identity Provider. 

It's also possible to change the Public Name of a synced user by using the following API endpoint: 

• User management REST API - Update profile

Those workarounds can help the Org Admin adjust the public names when it has been modified, but won't prevent the end-user from changing it back. It might be necessary to contact the end-user to ask them to avoid making any further changes, if necessary.