Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Add all internal users to directory to access only JSM as customer

Ramon Gamma
Ramon Gamma
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 7, 2024

A organisation licensed Jira, Confluence, JSM, Guard in the cloud for ~1000 users.
The user provision is coming from internal AD and the users are login via SSO. The rest of the organisation (Total ~3000) should be able to access the JSM portal as customer only and login via SSO.

Our idea is to add all the internal users to the Atlassian directory with user provisioning and add them to a group which is having access to JSM as customer.
So all internal users are able to login via SSO to access JSM customer portal.

At the moment we're facing the problem that only the users which are having product access for eg. Jira are showing up in the directory of Atlassian.

We are wondering if users which are not in a group for a paid product (eg. Jira user) are not added/displayed in the directory by Atlassian.
Maybe there is such a limitation for which we are not able to find the documentation.

Answer
Watch
Like Susan Waldrip likes this
269 views

3 answers

1 accepted

0 votes
Answer accepted
Neil Fletcher
Neil Fletcher
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 7, 2024

Hi @Ramon Gamma 

I have a similar setup.  The group is created in Azure AD named: <company>_All_Employees
Whenever anyone joins/leaves, they are added/removed from the group.

I'm using the AAD User Principal Name to sync, so we capture all employees with and without a 365 licence.

The group is sync'd to Atlassian and added to the JSM product as a Customer

2024-11-07_11-21-09.png

Then, the same group is added to the JSM project with Role = Service Desk Customers

It allows all employees to access the portal and submit incidents, request etc

2024-11-07_11-22-49.png

Reply
0 votes
Ramon Gamma
Ramon Gamma
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 7, 2024

Thank you for your answers.

From what I see, we are doing it right and the potential issue as to why it actually doesn't work is probably an internal one.

I will forward this to the stakeholders so it can be analyzed and fixed.

Reply
0 votes
Mariana Silveira Sales
Mariana Silveira Sales
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 7, 2024

@Ramon Gamma 

I don't know if you already check this documentation: https://confluence.atlassian.com/cloudkb/user-provisioning-and-saml-single-sign-on-for-jira-service-management-customers-1333826180.html

but it seems to address this specific configuration.

"The JSM Customer role can be granted during SCIM user provisioning by synchronizing a user group from your external directory or granted when users access the portal using SAML Just-in-Time (JIT) provisioning through configured authentication policies, which will create an Atlassian account at login." 

So when syncing the group into Atlassian Cloud, you'll need to setting it as an access group for the Jira Service Management - Customer application access.

Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.