
SAML relink failure for deactivated accounts


Details

    Description

      Issue Summary

      Re-linking an Atlassian account to an IDP account leads to a login error if the old Atlassian account is deactivated before the user's next login.

      Steps to Reproduce

      1. As the end user, log in to Atlassian via SSO (i.e. primaryemail@domain.com).

      2. In org managed accounts, change the email address of the account to something else (i.e. primaryemail@domain.com -> primaryemail_free@domain.com).

      3. Deactivate the old account in managed accounts (i.e. primaryemail_free@domain.com).

      4. In AA org managed accounts, migrate another existing Atlassian account to use the SSO email address (i.e. alias@domain.com -> primaryemail@domain.com).

      5. As the end user, try to perform an SSO login again.

      Expected Results

      The user should be able to log in to the Atlassian account that matches the SSO email address.

      Actual Results

      After successful authentication at the IDP, the user is redirected to a login error on the Atlassian side.

      Hmm... We're having trouble logging you in.
      This account has been deactivated. Please contact your organization admin

      Workaround

      Reactivate the old account to allow the re-link to happen.

      1. As the org admin, reactivate the old account (i.e. primaryemail_free@domain.com).
      2. As the end user, perform an SSO login to re-link (i.e. primaryemail@domain.com).
      3. As the org admin, deactivate and delete the old account again (i.e. primaryemail_free@domain.com).
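      The following is an added, constructed model of the link resolution behaviour described in the steps above; it is not Atlassian's code, and the IdP name, subject identifier and account ids are placeholders. It walks steps 1-5 against two resolvers: one where the stored IdP link stays authoritative even when it points at a deactivated account (the reported behaviour), and a defensive variant that discards a link to a deactivated account and re-links the active managed account matching the asserted email (safe here only because the org admin controls both the IdP and the managed-account email domain).

```python
from dataclasses import dataclass


class LoginError(Exception):
    pass


@dataclass
class Account:
    account_id: str
    email: str
    active: bool = True


class Directory:
    """Constructed model: accounts keyed by id, IdP links keyed by (idp, subject)."""

    def __init__(self, accounts):
        self.accounts = {a.account_id: a for a in accounts}
        self.links = {}  # (idp, subject) -> account_id

    def active_by_email(self, email):
        return next((a for a in self.accounts.values() if a.active and a.email == email), None)

    def login_link_first(self, idp, subject, email):
        """Reported behaviour: an existing link wins, even if it points at a deactivated account."""
        acct_id = self.links.get((idp, subject))
        if acct_id is not None:
            acct = self.accounts[acct_id]
            if not acct.active:
                raise LoginError("This account has been deactivated.")
            return acct
        return self._link_by_email(idp, subject, email)

    def login_relink_on_deactivated(self, idp, subject, email):
        """Defensive variant: a link to a deactivated account is not authoritative;
        re-resolve by the asserted email among active managed accounts and re-link."""
        acct_id = self.links.get((idp, subject))
        if acct_id is not None and self.accounts[acct_id].active:
            return self.accounts[acct_id]
        return self._link_by_email(idp, subject, email)

    def _link_by_email(self, idp, subject, email):
        acct = self.active_by_email(email)
        if acct is None:
            raise LoginError("No active account matches the asserted email.")
        self.links[(idp, subject)] = acct.account_id
        return acct


def reproduce(resolver_name):
    """Run steps 1-5 from the report; returns the account id the final login resolves to, or None on the login error."""
    d = Directory([Account("A", "primaryemail@domain.com"), Account("B", "alias@domain.com")])
    resolve = getattr(d, resolver_name)
    resolve("idp-1", "subject-123", "primaryemail@domain.com")  # step 1: subject is linked to A
    d.accounts["A"].email = "primaryemail_free@domain.com"     # step 2: old account renamed
    d.accounts["A"].active = False                              # step 3: old account deactivated
    d.accounts["B"].email = "primaryemail@domain.com"          # step 4: other account takes the SSO email
    try:
        return resolve("idp-1", "subject-123", "primaryemail@domain.com").account_id  # step 5
    except LoginError:
        return None
```

`reproduce("login_link_first")` ends in the login error from the report, while `reproduce("login_relink_on_deactivated")` resolves to account B, which is what the workaround achieves by reactivating the old account so the re-link can happen.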

            People

              apansari@atlassian.com Ankur Pansari
              rmacalinao Ramon M