• Type: Suggestion
• Resolution: Unresolved
• Priority: Low
• Fix Version/s: None
• Affects Version/s: None
• Component/s: None
• Labels:

  None

1. 

   Screen Shot 2021-01-14 at 9.07.10 AM.png

   120 kB

   02/Feb/2021 2:09 PM

[SAMLDC-73] Jira Application Access respect "default group" when using JIT provisioning

Owen made changes - 05/Apr/2022 7:05 AM

Workflow	Original: SAMLDC Workflow v2 [ 4056682 ]	New: JAC Suggestion Workflow 3 [ 4271315 ]
Status	Original: Verified [ 10005 ]	New: Reviewing [ 11773 ]

Pedro Souza made changes - 05/May/2021 4:21 PM

Link

New: This issue relates to JRASERVER-72388 [ JRASERVER-72388 ]

Mareusz (Inactive) made changes - 23/Apr/2021 8:47 AM

Link

New: This issue duplicates SAMLDC-69 [ SAMLDC-69 ]

Thiago Masutti made changes - 10/Mar/2021 9:03 PM

Link

New: This issue is related to CONFSERVER-60578 [ CONFSERVER-60578 ]

Thiago Masutti made changes - 10/Mar/2021 8:46 PM

Remote Link

New: This issue links to "Page (Confluence)" [ 535107 ]

Deyves (Inactive) made changes - 04/Feb/2021 6:19 PM

Link

New: This issue is related to JRASERVER-72066 [ JRASERVER-72066 ]

Deyves (Inactive) made changes - 04/Feb/2021 6:18 PM

Link

Original: This issue is related to JRASERVER-72066 [ JRASERVER-72066 ]

Alexander (Inactive) made changes - 04/Feb/2021 6:09 PM

Link

New: This issue is related to JRASERVER-72066 [ JRASERVER-72066 ]

Eddie Webbinaro (Inactive) made changes - 02/Feb/2021 2:13 PM

Description

Original: For a customer using AD with JIT provisioning, the "Default Groups" settings under "Application Access" page is currently ignored. Expected behavior is when JIT users, are created in internal directory, like manually created users, respect this setting to apply default groups on first login.

New: For a customer using AD with JIT provisioning, the "Default Groups" settings under "Application Access" page is currently ignored. *Expected behavior* is when JIT users, are created in internal directory, like manually created users, respect this setting to apply default groups to the user's membership when inserted to internal directory.   App Access page says: {quote}When you create a user for a Jira application, that user is automatically added to the application's default group. {quote} But users created via JIT do not respect this setting.

Eddie Webbinaro (Inactive) made changes - 02/Feb/2021 2:10 PM

Description

Original: For a customer using Azure AD with JIT provisioning, with a large AD footprint, passing all group memberships via SAML is problematic, hitting the 150 group limit. Customer requests: adding an option to consume a SAML Token, which will work around the user login issue when hitting the 150 group limitation. Once user has required groups when the login JIT automatically maps the user group with Application Access group and add user to it automatically. Also consider the possibility of local AD user directory (not Azure AD) to handle the possible scenario in which the user logs on with JIT but Application Access default groups are not yet setup.

New: For a customer using AD with JIT provisioning, the "Default Groups" settings under "Application Access" page is currently ignored. Expected behavior is when JIT users, are created in internal directory, like manually created users, respect this setting to apply default groups on first login.

Load more older history items