Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-2198

Email or in-product notification before SCIM API key expiry

XMLWordPrintable

    • 7

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Problem Definition

      When a SCIM API key is going to expire, admins must view the API key expiration date in their provisioning settings.

      Admins are not able to receive notifications about their SCIM API key expiring in other ways, like via email or in-product banners.

      Suggested Solution

      Send email notifications and have in-product banners/warnings in prominent places that warn admins about their SCIM API key expiring soon (ex. at 30d, 14d, 7d and 1d before the expiry). The notifications should provide clear step-by-step instructions on how to prevent downtime when rotating keys, or provide a link to documentation that does so.

      Why this is important

      Admins rely on provisioning for critical lifecycle management of user profiles. Even a short downtime may lead to out-of-sync issues between users and group data in the identity provider and in Atlassian Cloud. For example, a user may retain access to a Jira instance despite being deactivated in the identity provider.

      Workaround

      Admins must manually track the expiration of their SCIM API keys. Admins can view when their SCIM API key expires by following the instructions here.

            [ACCESS-2198] Email or in-product notification before SCIM API key expiry

            No work has yet been logged on this issue.

              Unassigned Unassigned
              a9811fcf7424 Kaz Nobutani
              Votes:
              8 Vote for this issue
              Watchers:
              11 Start watching this issue

                Created:
                Updated: