Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-2194

Email and in-product notifications when SCIM API key is close to expiration

XMLWordPrintable

    • 3

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Problem Definition

      When a SCIM API key is going to expire, admins must view the API key expiration date in their provisioning settings.

      Admins are not able to receive notifications about their SCIM API key expiring in other ways, like via email or in-product banners.

      Suggested Solution

      Send email notifications and have in-product banners/warnings in prominent places that warn admins about their SCIM API key expiring soon. The notifications should provide clear step-by-step instructions on how to prevent downtime when rotating keys, or provide a link to documentation that does so.

      Why this is important

      Admins rely on provisioning for critical lifecycle management of user profiles. Even a short downtime may lead to out-of-sync issues between users and group data in the identity provider and in Atlassian Cloud. For example, a user may retain access to a Jira instance despite being deactivated in the identity provider.

      Workaround

      Admins must manually track the expiration of their SCIM API keys. Admins can view when their SCIM API key expires by following the instructions here.

            [ACCESS-2194] Email and in-product notifications when SCIM API key is close to expiration

            SET Analytics Bot made changes -
            Support reference count Original: 2 New: 3
            SET Analytics Bot made changes -
            Support reference count Original: 1 New: 2
            SET Analytics Bot made changes -
            Support reference count New: 1
            Tyler B [Atlassian] made changes -
            Description Original: h3. Problem Definition
            When a SCIM API key is going to expire, admins must [view the API key expiration date in their provisioning settings|https://support.atlassian.com/provisioning-users/docs/manage-scim-api-key-expiration/#View-API-key-expiration-for-SCIM].

            Admins are not able to receive notifications about their SCIM API key expiring in other ways, like via email or in-product banners.

            h3. Suggested Solution
            Send email notifications and have in-product banners/warnings in prominent places that warn admins about their SCIM API key expiring. The notifications should provide clear step-by-step instructions on how to prevent downtime when rotating keys, or provide a link to documentation that does so.

            h3. Why this is important
            Admins rely on provisioning for critical lifecycle management of user profiles. Even a short downtime may lead to out-of-sync issues between users and group data in the identity provider and in Atlassian Cloud. For example, a user may retain access to a Jira instance despite being deactivated in the identity provider.

            h3. Workaround
            Admins must manually track the expiration of their SCIM API keys. Admins can view when their SCIM API key expires by following the instructions [here|https://support.atlassian.com/provisioning-users/docs/manage-scim-api-key-expiration/#View-API-key-expiration-for-SCIM].             		New: h3. Problem Definition
            When a SCIM API key is going to expire, admins must [view the API key expiration date in their provisioning settings|https://support.atlassian.com/provisioning-users/docs/manage-scim-api-key-expiration/#View-API-key-expiration-for-SCIM].

            Admins are not able to receive notifications about their SCIM API key expiring in other ways, like via email or in-product banners.

            h3. Suggested Solution
            Send email notifications and have in-product banners/warnings in prominent places that warn admins about their SCIM API key expiring soon. The notifications should provide clear step-by-step instructions on how to prevent downtime when rotating keys, or provide a link to documentation that does so.

            h3. Why this is important
            Admins rely on provisioning for critical lifecycle management of user profiles. Even a short downtime may lead to out-of-sync issues between users and group data in the identity provider and in Atlassian Cloud. For example, a user may retain access to a Jira instance despite being deactivated in the identity provider.

            h3. Workaround
            Admins must manually track the expiration of their SCIM API keys. Admins can view when their SCIM API key expires by following the instructions [here|https://support.atlassian.com/provisioning-users/docs/manage-scim-api-key-expiration/#View-API-key-expiration-for-SCIM].
            Tyler B [Atlassian] made changes -
            Summary Original: Email and in-product notifications for SCIM API Key expiration New: Email and in-product notifications when SCIM API key is close to expiration
            Tyler B [Atlassian] created issue -

              Unassigned Unassigned
              tbrothers Tyler B [Atlassian]
              Votes:
              1 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: