-
Type:
Suggestion
-
Resolution: Unresolved
-
None
-
73
Problem Definition
The SAML givenName and surName attributes are currently prioritized over the SCIM DisplayName Attribute and when a User SAML Authenticates, their Atlassian account Full Name is updated and overwritten with the SAML Value
Suggested Solution
Update the "Atlassian Cloud" OIN App in Okta so that the givenName/surName SAML Attribute mappings can be customized
Why this is important
Users may prefer their Nickname/DisplayName that is sent via SCIM instead of their givenName
Workaround
This may not be practical/viable as other Apps integrated with Okta use the same User Profile Details, update the User's Profile in Okta so that their Preferred Name is sent as their givenName/surName
Alternatively, you can configure SAML in atlassian using a generic app in Okta in addition to the "Atlassian Cloud" app (for SCIM) by simply changing the SAML settings in Atlassian to point to the new generic app in Okta.
This trades-off the ability to have both a Jira and a Confluence button in Okta for the ability to disable the givenName/surName attributes in SAML.
Please note that the email address for the nameId needs to use the same user property as the SCIM configuration used by the "Atlassian Cloud" app.