Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-5410

When nested groups are enabled, provide flattened groups' membership when synchronizing with connected applications

    • 2
    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Problem Definition

      Nested Groups can be enabled on both, Crowd server and connected applications using Embedded Crowd.
      On some connected applications, doing operations with nested groups (i.e. permissions validation on Confluence) may be expensive.

      When Embedded Crowd synchronizes a directory with Crowd, it uses the /crowd/rest/usermanagement/1/group/membership REST API method.
      If we have the below hierarchy in the LDAP server, then Crowd will pass it along to the connected application without any modifications.

      + GroupProject1
      ++ aduser003
      ++ GroupTeam1
      +++ aduser001
      +++ aduser002

      This forces the connected application to be aware of nested groups and still perform expensive operations to accomplish its tasks.

      Suggested Solution

      When nested groups is enabled in Crowd, there could be a configuration to always pass along to the connected applications a flattened groups memberships in a way that the connected application isn't aware the nested groups configuration exists.

      In the previous example, instead of passing the hierarchy below

      + GroupProject1
      ++ aduser003
      ++ GroupTeam1
      +++ aduser001
      +++ aduser002

      Crowd could send a flattened list of users x groups memberships as below

      + GroupProject1
      ++ aduser003
      ++ aduser001
      ++ aduser002

      + GroupTeam1
      ++ aduser001
      ++ aduser002

      This would relief the connected application from expensive nested groups calculation, leaving this task to Crowd when Synchronization occurs.

      Workaround

      There's no workaround so far.

            [CWD-5410] When nested groups are enabled, provide flattened groups' membership when synchronizing with connected applications

            Aakrity Tibrewal made changes -
            Resolution New: Low Engagement [ 10300 ]
            Status Original: Gathering Interest [ 11772 ] New: Closed [ 6 ]
            Aakrity Tibrewal made changes -
            Labels Original: embedded-crowd nested_groups pse-request New: cleanup-seos-fy25 embedded-crowd nested_groups pse-request

            Atlassian Update - 27 April 2025

            Hello,

            Thank you for submitting this suggestion. We appreciate you taking the time to share your ideas for improving our products, as many features and functions come from valued customers such as yourself.

            Atlassian is committed to enhancing the security and compliance of our Data Center products, with an emphasis on sustainable scalability and improving the product experience for both administrators and end-users. We periodically review older suggestions to ensure we're focusing on the most relevant feedback. This suggestion is being closed due to a lack of engagement in the last four years, including no new watchers, votes, or comments. This inactivity suggests a low impact. Therefore, this suggestion is not in consideration for our future roadmap.

            Please note the comments on this thread are not being monitored.

            You can read more about our approach to highly voted suggestions here and how we prioritize what to implement here.

            To learn more about our recent investments in Crowd Data Center, please check our public roadmap.

            Kind regards,
            Crowd Data Center

            Aakrity Tibrewal added a comment - Atlassian Update - 27 April 2025 Hello, Thank you for submitting this suggestion. We appreciate you taking the time to share your ideas for improving our products, as many features and functions come from valued customers such as yourself. Atlassian is committed to enhancing the security and compliance of our Data Center products, with an emphasis on sustainable scalability and improving the product experience for both administrators and end-users. We periodically review older suggestions to ensure we're focusing on the most relevant feedback. This suggestion is being closed due to a lack of engagement in the last four years , including no new watchers, votes, or comments. This inactivity suggests a low impact. Therefore, this suggestion is not in consideration for our future roadmap. Please note the comments on this thread are not being monitored. You can read more about our approach to highly voted suggestions here and how we prioritize what to implement here. To learn more about our recent investments in Crowd Data Center, please check our public roadmap . Kind regards, Crowd Data Center
            SET Analytics Bot made changes -
            Support reference count New: 2
            Katherine Yabut made changes -
            Workflow Original: JAC Suggestion Workflow [ 3387859 ] New: JAC Suggestion Workflow 3 [ 3629726 ]
            Monique Khairuliana (Inactive) made changes -
            Workflow Original: Simplified Crowd Development Workflow v2 [ 3235145 ] New: JAC Suggestion Workflow [ 3387859 ]
            Issue Type Original: Improvement [ 4 ] New: Suggestion [ 10000 ]
            Status Original: Open [ 1 ] New: Gathering Interest [ 11772 ]
            Thiago Masutti made changes -
            Link New: This issue is related to CWD-4942 [ CWD-4942 ]
            Thiago Masutti made changes -
            Labels Original: nested_groups pse-request New: embedded-crowd nested_groups pse-request
            Thiago Masutti created issue -

              Unassigned Unassigned
              tmasutti Thiago Masutti
              Votes:
              2 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: