Allow Customers to Customize the Given/SurName SAML Attributes in Okta App

      Problem Definition

      The SAML givenName and surName attributes are currently prioritized over the SCIM DisplayName attribute, and when a user authenticates via SAML, their Atlassian account Full Name is updated and overwritten with the SAML value.

      Suggested Solution

      Update the "Atlassian Cloud" OIN App in Okta so that the givenName/surName SAML Attribute mappings can be customized

      Why this is important

      Users may prefer their Nickname/DisplayName that is sent via SCIM instead of their givenName

      Workaround

      Update the User's Profile in Okta so that their Preferred Name is sent as their givenName/surName. This may not be practical/viable, as other Apps integrated with Okta use the same User Profile Details.

      Alternatively, you can configure SAML in Atlassian using a generic app in Okta in addition to the "Atlassian Cloud" app (for SCIM) by simply changing the SAML settings in Atlassian to point to the new generic app in Okta.
      This trades off the ability to have both a Jira and a Confluence button in Okta for the ability to disable the givenName/surName attributes in SAML.
      Please note that the email address for the nameId needs to use the same user property as the SCIM configuration used by the "Atlassian Cloud" app.
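
A check an administrator could run against a captured assertion when evaluating the generic-app workaround above. This is an added example, not Atlassian or Okta code; the sample assertions, the SCIM record and the suffix match on attribute names are constructed assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Assumption: name attributes are recognised by suffix (short names or claim URIs).
NAME_SUFFIXES = ("givenname", "surname")

def _assertion(name_id, attrs):
    """Build a constructed, unsigned assertion with only the elements the check reads."""
    rows = "".join(
        f'<saml:Attribute Name="{n}"><saml:AttributeValue>{v}</saml:AttributeValue>'
        f"</saml:Attribute>" for n, v in attrs.items())
    stmt = f"<saml:AttributeStatement>{rows}</saml:AttributeStatement>" if rows else ""
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}"><saml:Subject>'
            f"<saml:NameID>{name_id}</saml:NameID></saml:Subject>{stmt}</saml:Assertion>")

# Constructed samples: the OIN-style app sends name attributes, the generic app does not.
OIN_APP = _assertion("judy@example.com", {"givenName": "Ben", "surName": "Doe"})
GENERIC_APP = _assertion("Judy@Example.com", {})
SCIM_USER = {"email": "judy@example.com", "displayName": "Judy Doe"}

def check_assertion(xml_text, scim_user):
    """Return findings; an empty list means the SCIM displayName is left alone."""
    # Only parse assertions captured from your own IdP; the stdlib parser is not
    # hardened against entity-expansion in untrusted XML.
    root = ET.fromstring(xml_text)
    findings = []
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        name = attr.get("Name", "")
        if name.lower().endswith(NAME_SUFFIXES):
            value = attr.findtext("saml:AttributeValue", default="", namespaces=NS)
            findings.append(f"name attribute {name}={value!r} would overwrite "
                            f"displayName {scim_user['displayName']!r}")
    name_id = root.findtext(".//saml:Subject/saml:NameID", default="", namespaces=NS)
    # Assumption: the two email values are compared case-insensitively.
    if name_id.strip().lower() != scim_user["email"].lower():
        findings.append(f"NameID {name_id!r} does not match the SCIM email")
    return findings

if __name__ == "__main__":
    for label, xml_text in (("OIN app", OIN_APP), ("generic app", GENERIC_APP)):
        print(label, check_assertion(xml_text, SCIM_USER) or "OK")
```
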

            [ACCESS-914] Allow Customers to Customize the Given/SurName SAML Attributes in Okta App

            Olivia Brown added a comment - Please implement this change in the OIN network to allow us to choose which Okta attributes to send to givenname and surname and corresponding documentation. It's something we've come to expect in Okta and other applications. The corresponding access-747 ticket is the 9th most voted ticket and it's an easy fix! Please! The SCIM is pointless if SAML is overwriting the name.

            Brandon Smith added a comment - What's the ETA on this? Collaboration systems as popular as Atlassian should not have basic issues like this on the backburner, I can't imagine it's a huge lift to make the changes. 

            Sarah Rosas added a comment - https://getsupport.atlassian.com/browse/PCS-198467

            Emma Neff added a comment - Having recently changed my preferred name it is heartbreaking to have to see my deadname on every comment all throughout these systems. I have to see it on every comment I make and every time I am tagged in another person's comment. It shows up on every ticket and article I'm affiliated with or have worked on. My coworkers have to click on it every time they need me. It shows up, many, many, many times more than my preferred name, and it makes me dread using this tool that is vital to my day to day job. It is unthinkable this has remained unaddressed for two and a half years at time of writing this. Please prioritize correcting this issue.

            Victoria Farrell added a comment - The whole point of a chosen name is that it's what we want other people to refer to us by. When something different is presented, we're working against the human inclination to use what is written. It's essential in any collaborative system to defer to preferred name / chosen name, otherwise other people will not do so consistently. There shouldn't be a hidden knowledge requirement.

            Randal Clements added a comment - Can you imagine having to see your full legal name every time you use Atlassian products? Have you had to explain over and over to co-workers and people in the company that they need to use a totally different name to assign things to you? What if I were born Ben and everyone during the last 10 years has known me as Judy? Atlassian's implementation of mapping variables/values is broken. It ignores PreferredName and does a hard query for only the GivenName.

            Yael Weinberg added a comment - I agree. A chosen name is something so personal and important to people. I work with many - including one of my direct reports - that have a chosen name different than the one that pops up in Confluence and Jira. My team serves several hundreds of users within the company as a service desk, it is confusing to the users to see a different name on Slack and email vs the one in the Jira tickets, and it is frustrating to so many that have to see a name they do not see as their true self, popping everywhere, multiple times a day, as part of their ongoing job. Please set a higher priority on this.

            Sara Tucker added a comment - Any traction on this? This is truly frustrating for so many of our users. We need a resolution or at least a workaround for this. 

            Chris James added a comment - This is a daily issue for us, as many of our users do not go by their legal given name, but our compliance policies require the given name fields contain their legal names in our IdP systems. Please prioritize updating your provisioning within Okta.

            David Lippiatt [Adaptavist] added a comment - This is one that both internal users and clients would like resolved.

              a8ec5db343a1 Glenn Chatterton
              scranford Shawn C (Inactive)
              Votes: 143
              Watchers: 75
