[ID-7435] SSO blocks email address change

Type: Bug
Resolution: Timed out
Priority: Low
Component/s: Identity Internal - SAML, User - Email change
Labels:
None

Support reference count:
4
Symptom Severity:
Minor
Bug Fix Policy:
View Atlassian Cloud bug fix policy

Issue Summary

When an account is managed within an organization that implements SSO, the email address of that account cannot be changed to an address that is not under the organization's claimed domains.

Steps to Reproduce

1. Claim a domain and setup SSO
2. Change a managed account's email address to an address that is not under the organization's claimed domains.

ie. user@domainwithSSO.com -> user@anotherdomain.com

3. A verification email will be sent to the new email address.

Expected Results

When verifying the change, the end user should be redirected to the current account's SSO. Once authenticated, the email address change should complete.

Actual Results

User is prompted to enter the account's Atlassian login password to complete. Since the account is still enforced with SSO, there is no available password to use here.

Workaround

Contact support and mention them about this bug(~~ID-7435~~)

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

password.png
110 kB
18/Mar/2020 12:56 PM
verify.png
87 kB
18/Mar/2020 1:02 PM

Kat N added a comment - 21/Dec/2022 11:15 PM

Atlassian Update – 21 Dec 2022

Hi everyone,
Thank you for raising and following this bug report. Because there have been no new reports of this issue over the last year, we are closing this ticket as "Timed Out". If this bug is continuing to impact your team, please let us know in a comment on the ticket. Thanks again for continuing to provide valuable feedback to our team.

Kat N added a comment - 21/Dec/2022 11:15 PM Atlassian Update – 21 Dec 2022 Hi everyone, Thank you for raising and following this bug report. Because there have been no new reports of this issue over the last year, we are closing this ticket as "Timed Out". If this bug is continuing to impact your team, please let us know in a comment on the ticket. Thanks again for continuing to provide valuable feedback to our team.

Angel Bartomeu added a comment - 25/Mar/2020 5:17 AM

Hi rmacalinao, I think you have now access to the panel to send this links. Is that ok?

Angel Bartomeu added a comment - 25/Mar/2020 5:17 AM Hi rmacalinao , I think you have now access to the panel to send this links. Is that ok?

Sai Majeti added a comment - 21/Mar/2020 12:53 AM

rmacalinao, it will be available for the SSO users as well upon the admin requesting for this option.

Can we close this issue if there is another tracking ticket to disable SSO?

Sai Majeti added a comment - 21/Mar/2020 12:53 AM rmacalinao , it will be available for the SSO users as well upon the admin requesting for this option. Can we close this issue if there is another tracking ticket to disable SSO?

Sai Majeti added a comment - 18/Mar/2020 7:27 PM

work around: as mentioned in https://hello.atlassian.net/wiki/spaces/CR/pages/643239145/Identity+Release+Readiness+-+SAML+SSO+blocked+from+email+can+t+login+bypass , we can raise a DOS ticket with the Kirby team to send a email to the customer for logging in.

Sai Majeti added a comment - 18/Mar/2020 7:27 PM work around: as mentioned in https://hello.atlassian.net/wiki/spaces/CR/pages/643239145/Identity+Release+Readiness+-+SAML+SSO+blocked+from+email+can+t+login+bypass , we can raise a DOS ticket with the Kirby team to send a email to the customer for logging in.

Sai Majeti added a comment - 18/Mar/2020 6:44 PM

created https://hello.atlassian.net/browse/LINK-785 to track this issue.

Sai Majeti added a comment - 18/Mar/2020 6:44 PM created https://hello.atlassian.net/browse/LINK-785 to track this issue.

Sai Majeti added a comment - 18/Mar/2020 5:30 PM

rmacalinao Can you let me know if this is a request from customer?

Even if we can provide a work around, the user will not be able to login later since the updated domain's email is unclaimed. Can you explain me how this would benefit the customer?

Sai Majeti added a comment - 18/Mar/2020 5:30 PM rmacalinao Can you let me know if this is a request from customer? Even if we can provide a work around, the user will not be able to login later since the updated domain's email is unclaimed. Can you explain me how this would benefit the customer?

Assignee:: Unassigned

Reporter:: Ramon M

Affected customers:: 0 This affects my team

Watchers:: 10 Start watching this issue

Created:: 18/Mar/2020 12:57 PM

Updated:: 21/Dec/2022 11:15 PM

Resolved:: 21/Dec/2022 11:15 PM

Details

Description

Issue Summary

Steps to Reproduce

Expected Results

Actual Results

Workaround

Attachments

Attachments

Forms

Activity

Collapse comment: Kat N added a comment - 21/Dec/2022 11:15 PM

Expand comment: Kat N added a comment - 21/Dec/2022 11:15 PM

Collapse comment: Angel Bartomeu added a comment - 25/Mar/2020 5:17 AM

Expand comment: Angel Bartomeu added a comment - 25/Mar/2020 5:17 AM

Collapse comment: Sai Majeti added a comment - 21/Mar/2020 12:53 AM

Expand comment: Sai Majeti added a comment - 21/Mar/2020 12:53 AM

Collapse comment: Sai Majeti added a comment - 18/Mar/2020 7:27 PM

Expand comment: Sai Majeti added a comment - 18/Mar/2020 7:27 PM

Collapse comment: Sai Majeti added a comment - 18/Mar/2020 6:44 PM

Expand comment: Sai Majeti added a comment - 18/Mar/2020 6:44 PM

Collapse comment: Sai Majeti added a comment - 18/Mar/2020 5:30 PM

Expand comment: Sai Majeti added a comment - 18/Mar/2020 5:30 PM

People

Dates