• Type: Suggestion
• Resolution: Unresolved
• Priority: Low
• Fix Version/s: None
• Affects Version/s: None
• Component/s: None
• Labels:

  None

1. 

   screenshot-1.png

   47 kB

   12/Nov/2021 5:03 PM

[SAMLDC-77] As an administrator I would like to transform JIT synchronized groups names (aka group name mapping)

Renata Dornelas made changes - 21/Jan/2025 6:00 PM

Remote Link

Original: This issue links to "Page (Atlassian Documentation)" [ 680592 ]

Dominique Cardin made changes - 10/Jul/2024 11:35 PM

Remote Link

New: This issue links to "Page (Confluence)" [ 925424 ]

Dominique Cardin made changes - 30/Apr/2024 11:05 PM

Remote Link

New: This issue links to "Page (Confluence)" [ 900110 ]

Aline Staudt made changes - 06/Sep/2022 6:04 PM

Remote Link

New: This issue links to "Page (Atlassian Documentation)" [ 680592 ]

Josh Ramos (Inactive) made changes - 22/Jul/2022 5:38 PM

Remote Link

New: This issue links to "Page (Confluence)" [ 665161 ]

Owen made changes - 05/Apr/2022 7:05 AM

Workflow	Original: SAMLDC Workflow v2 [ 4083721 ]	New: JAC Suggestion Workflow 3 [ 4271284 ]
Status	Original: Open [ 1 ]	New: Gathering Interest [ 11772 ]

Thiago Masutti made changes - 12/Nov/2021 5:03 PM

Description

Original: h3. Problem Definition Since groups synchronized to Atlassian applications can be used to assign permissions (project, space, etc), some group names from the IdP might not be easily recognized by users. It would be interesting to an Atlassian administrator to have the ability to map groups synchronized by JIT to internal groups, with different names. The same feature would be useful when configuring JIT with Azure AD. Azure AD would send only the group ID (_Azure Active Directory Group ObjectId_) through SAML. This feature would enable Azure AD customer to enable JIT in their instances. More details in [Configure group claims for applications with Azure Active Directory|https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-fed-group-claims]. h3. Suggested Solution Provide a feature to map the name of groups synchronized from the IdP to new names. This is similar to a feature provided by other Marketplace Apps:  * [https://wiki.resolution.de/doc/saml-sso/latest/jira/further-configuration/transformations]

New: h3. Problem Definition Since groups synchronized to Atlassian applications can be used to assign permissions (project, space, etc), some group names from the IdP might not be easily recognized by users. It would be interesting to an Atlassian administrator to have the ability to map groups synchronized by JIT to internal groups, with different names. The same feature would be useful when configuring JIT with Azure AD. Azure AD would send only the group ID (_Azure Active Directory Group ObjectId_) through SAML. This feature would enable Azure AD customer to enable JIT in their instances. More details in [Configure group claims for applications with Azure Active Directory|https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-fed-group-claims]. Note that {{sAMAccountName}} can be used for groups synchronized from on-prem AD, but not for groups created directly on Azure AD.  !screenshot-1.png|thumbnail! h3. Suggested Solution Provide a feature to map the name of groups synchronized from the IdP to new names. This is similar to a feature provided by other Marketplace Apps:  * [https://wiki.resolution.de/doc/saml-sso/latest/jira/further-configuration/transformations]

Thiago Masutti made changes - 12/Nov/2021 5:03 PM

Attachment

New: screenshot-1.png [ 413349 ]

Thiago Masutti made changes - 02/Apr/2021 8:07 PM

Summary

Original: As an administrator I would like to transform JIT synchronized groups names

New: As an administrator I would like to transform JIT synchronized groups names (aka group name mapping)

Marcin Kempa made changes - 01/Apr/2021 1:39 PM

Remote Link

New: This issue links to "Page (Confluence)" [ 540227 ]

Load more older history items