Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

What happens with groups after moving to Directory synced users?

Zane Kellogg
Zane Kellogg
Contributor
August 17, 2022

According to the documentation in user provisioning, you can manage groups and provisioning by groups after connecting to an identity provider. However, what happens to existing groups and group membership when converting to an identity provider?

Answer
Watch
Like Be the first to like this
788 views

1 answer

1 accepted

0 votes
Answer accepted
John Funk
John Funk
Community Champion
August 17, 2022

Hi Zane,

It depends on how you set it up. You do not have to have all groups connected to your identity provider. Actually, I would just only one or two, depending on the need. When you connect the group to the provider, though, it will lock it in Jira and can only be updated by the provider. 

View More Comments
Zane Kellogg
Zane Kellogg
Contributor
August 23, 2022

Hey John, thanks for responding. I have spent time testing this and I agree with you it is easier to manage syncing just a few groups through the identity provider. I have also confirmed that existing groups and membership is not affected as long as those groups are synced across.

Like
Jill Vieregge
Jill Vieregge
Contributor
June 29, 2023

Question: as the group is locked because it can only be updated by the provider, when I try to make it the DEFAULT ACCESS GROUP for Jira software I get this error. What is the implications of this? What should be the default access group then?

Screenshot 2023-06-29 at 3.10.23 PM.png

Like
Jill Vieregge
Jill Vieregge
Contributor
July 3, 2023

@John Funk another question for you above.

Like
John Funk
John Funk
Community Champion
July 3, 2023

Hey Jill - the default groups are the groups that will automatically be given to the user when their account is setup. If you have a separate group connected to your ID provider (AD, Okta, etc.) then by definition the user will be placed in this group. So you don't need to set it as a default group. 

But I would also grant access to the product to this ID provider established group just to avoid any connection issues for the user. 

Like Jill Vieregge likes this
Jill Vieregge
Jill Vieregge
Contributor
July 5, 2023

But you do have to have some kind of Default group specified don't you - so maybe a dummy mirrored group?

Like
John Funk
John Funk
Community Champion
July 5, 2023

Your default group is usually just the jira-users group. 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.