Below, you find information to set up Twitter as an identity provider and our SAML SSO apps for Atlassian Data Center and Server products. If you need our help or have questions, you can contact us via our helpdesk or book a free screen share session at https://resolution.de/go/calendly.


Limitations

  • During login, Twitter will always ask permission to share the data with your Atlassian DC/Server product. This cannot be turned off, and users must click "Accept" every time during login.

  • With Twitter OAuth 2.0 API, it is currently not possible to retrieve a user's email address (see here). However, it looks like this might change soon - there already is a checkbox in Twitter's app settings, but that doesn't seem to change anything yet. In case of new developments, we will adjust the guides. 

    In the meantime, the email will be set to "not-existing@example.org" for new users.

Step-by-Step Guides




Which Step-by-Step Guide should you pick?

Depending on your Atlassian Data Center or Server product, you can choose from different user provisioning models. We recommend using Just-In-Time provisioning since it automatically creates users when they log in.


In general, for Atlassian we support the following ways for user provisioning:

  1. Just in Time Provisioning allows you to create and update users on-the-fly when they log in. 
  2. For Manual User Management, the administrator has to create and update users on  your Atlassian Data Center or Server product by hand.
    We do not recommend it. See our article for Manual User Management.


Model/FunctionAdmin EffortPros and Cons
Just in Time Provisioning

Low

  • Creates & Updates users based on information received from Twitter during Login
  • Users are only created on their first Login.
  • Users & Groups are updated only during authentication.
Manual User ManagementHigh 

  • Need to create users before the first login, not recommended due to high effort