Open issues

Order by Priority
  1. Suggestion
    ACCESS-720Deactivation policies for managed accounts
  2. Suggestion
    ACCESS-1449Auto deactivate Atlassian Accounts based on inactivity
  3. Suggestion
    ACCESS-2377SSO notifications
  4. Suggestion
    ACCESS-1278Improve Audit log entries about the deletion of draft Confluence pages
  5. Suggestion
    ACCESS-800Ability to rename groups after they've synced to the organization from an identity provider.
  6. Suggestion
    ACCESS-1572Allow unmapped/empty fields to be editable by admins or user for IDP synced accounts
  7. Suggestion
    ACCESS-1952Allow Multiple External User Security Policies
  8. Suggestion
    ACCESS-1540Provide Organization Admins with granular control over managed Bitbucket accounts
  9. Suggestion
    ACCESS-1010Improve SSO enabled user login error messaging
  10. Suggestion
    ACCESS-2376Confluence Standard plan - alert storage when limit has been exceeded
  11. Suggestion
    ACCESS-977Ability to exclude or remove a site from User Provisioning (SCIM)
  12. Suggestion
    ACCESS-1002Enabling allow listing policies automatically blocks Atlassian's own IPs
  13. Suggestion
    ACCESS-1009Ability to control site/organization access for accounts via user provisioning
  14. Suggestion
    ACCESS-1048IP allowlist on organization administration (admin.atlassian.com)
  15. Suggestion
    ACCESS-1315Include support ticket information for Atlassian Support IP Policy in Security > IP allowlisting
  16. Suggestion
    ACCESS-1550Grant site admins the option to manage API tokens access for unmanaged users
  17. Suggestion
    ACCESS-1558IP Allowlist audit log to include incident and IP address of blocked requests
  18. Suggestion
    ACCESS-1575Allow admins to unlock a provisioned managed account temporarily and later on relink with the Provisioned data (API and UI option)
  19. Suggestion
    ACCESS-1832Unlink SCIM synced groups instead of deleting them when the group is removed/unassigned in the IDP
  20. Suggestion
    ACCESS-2077Mobile App Policy option "Prevent users from saving or backing up data to their devices" prevents users from copying the issue link or other data on the Jira Mobile and Confluence Mobile Apps.
  21. Suggestion
    ACCESS-2122Notification Service for User Provisioning in Osync Setup (Azure AD with Nested Groups)
  22. Suggestion
    ACCESS-2308Disable the "Remove user" button on the Users page UI for SCIM synced users.
  23. Suggestion
    ACCESS-2375Ability to clear data from history of manually cleaned Sensitive data
  24. Suggestion
    ACCESS-598Add level of access for Organization administrators
  25. Suggestion
    ACCESS-2332Summary: Add audit log entries for app additions (e.g., JSM trial) to existing sites
  26. Suggestion
    ACCESS-2321Provide option to export 'Invited User' list
  27. Suggestion
    ACCESS-2099Allow customers to map group description on Entra
  28. Suggestion
    ACCESS-822Support more synced attributes for SCIM User Provisioning
  29. Suggestion
    ACCESS-1487Push Other Attributes from an IDP to Atlassian Cloud Managed Profiles
  30. Suggestion
    ACCESS-2000Cannot unsuspend a SCIM provisioned account(if this account is previously suspended)
  31. Suggestion
    ACCESS-2041Support additional attributes for Azure AD sync (Osync)
  32. Suggestion
    ACCESS-2076Provide OTP (MFA) option to portal-only customer
  33. Suggestion
    ACCESS-1287Ability to change maintenance window for Atlassian Access
  34. Suggestion
    ACCESS-604Grant users synced from identity providers via SCIM application access by default
  35. Suggestion
    ACCESS-1761Provide different verification methods for external user logins
  36. Suggestion
    ACCESS-2040Support additional attributes for Google Workspace Sync
  37. Suggestion
    ACCESS-2119Prevent file / attachment uploads from mobile Apps
  38. Suggestion
    ACCESS-1784Azure AD Connect Notification for Expired Credentials
  39. Suggestion
    ACCESS-1653Organization audit logs should show more details for user invite events
  40. Suggestion
    ACCESS-1915Allow External users login via IDP Application Dashboards when enforced with External SAML SSO
  41. Suggestion
    ACCESS-905Provide a web UI to change the managed accounts' public name for organization admins
  42. Suggestion
    ACCESS-668Allow organization admins to have full control over profile visibility settings
  43. Suggestion
    ACCESS-797Ability to see which accounts do not have 2FA enabled in an organization
  44. Suggestion
    ACCESS-1294Update the Okta cloud application to make Jira/Confluence/etc chiclets configurable per user or group
  45. Suggestion
    ACCESS-1522Warn admins of potential atlassian_conflict accounts added by Google.
  46. Suggestion
    ACCESS-1612Ability to selectively enable external user security for subset of external users
  47. Suggestion
    ACCESS-2347Ability to have Trello Free users not count as billable for Guard
  48. Suggestion
    ACCESS-1824Route SSO-enforced users to their IdP regardless of which option they select from the login screen
  49. Suggestion
    ACCESS-1609Allow automatically redirected to SSO provider when logging into a site
  50. Suggestion
    ACCESS-2372Update Atlassian Cloud App in Okta to include Loom
Refresh results
1 of 490
Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-720

Deactivation policies for managed accounts

    • 130

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Problem Definition

      Currently, the process of finding and deactivating inactive users(haven't accessed any products for a long time) is strictly manual as admins can either use:

      1. The Export accounts feature inside the Managed Accounts
      2. The Organization get users REST endpoint

      To find those users by looking at the Last active date.

      So, the deactivation of the accounts still depends on manually checking how long your users have been inactive and then manually deactivating them or developing a script to use the user management REST deactivation endpoint.

      Many admins are also interested in disabling the notifications that are sent to their end users upon deactivation, or improving the deactivation message to include more information about the reason for deactivation to keep users better informed.

      Suggested Solution

      Implement a deactivation policies feature for Atlassian Access where admins can configure default time for users to be deactivated by being inactive.

      Admins would then be able to configure that users who haven't accessed any products in the last 3 months will get automatically deactivated.

      Additionally, the feature could trigger an email message to the deactivated users saying why they were deactivated and who they need to contact, as well as an option to disable the notification from being sent. 

      Why this is important

      For organizations with thousands of users, the current methods of finding and deactivating, inactive users requires a lot of work from the organization admins and as the company grows this tends to get more difficult to be done.

          Form Name

            No work has yet been logged on this issue.

              c6c23291180e Ilya Bagrak
              akasper André K. (Inactive)
              Votes:
              186 Vote for this issue
              Watchers:
              142 Start watching this issue

                Created:
                Updated: