-
Bug
-
Resolution: Unresolved
-
Low
-
None
-
2
-
Severity 3 - Minor
-
Issue Summary
SCIM can't update an email address if the target domain is managed by two organizations and automatically claimed by the second organization.
Steps to Reproduce
- One domain is verified in two orgs with the parameters:
Org A: Manual
Org B: Automatic
Action: Change the managed account email in the same domain only in org A on the IDP side.
Example: ABC@123.com → DEF@123.com
2. Two domains are verified in two orgs, with parameters:
Org 1:
Domain 1: Manual
Domain 2: Manual
Org 2:
Domain 1: Not verified
Domain 2: Automatic
Action: Change the managed account email in ORG A on the IDP side - domain 1 to domain 2
{}Example: ABC@123.com → ABC@456.com
Expected Results
The email address should be successfully changed and still present in Organization 1.
That's how it works when we change the email address for managed accounts without SCIM under the same settings
Actual Results
The email address remains unchanged for a managed account. The SCIM record is not linked to an Atlassian Account, but the email attribute has been updated within SCIM DB.
MAS settings:
Is Selectively Claimed: TRUE
Should Claim Accounts By Default: FALSE
Is User Accounts File Uploaded: FALSE
SCIM verify results for the new email address:
Result: UNCLAIMABLE
Workaround
Set email domain settings in the second organization to MANUAL
- mentioned in
-
Page Loading...