SAML Single Sign On User Provisioning Overview Current: LDAP User Provisioning LDAP User Provisioning With a connection to a LDAP server, users will (periodically) synced to your Atlassian product instance. LDAP offers a variety of configuration options. For a more detailed look, please see the official Atlassian documentation.AdvantagesIf you already have a LDAP setup, you can keep using it. You only need to configure the SAML SSO plugin and everything will work.Users can be synced before their first log in. This allows to use them in your Atlassian product, even before they first logged in. During the login, our plugin also allows to search LDAP for newly created or updated users. Thus, updates on the LDAP can be synced even between sync intervals. In contrast to Just In Time provisioning, users are updated periodically and when they log in. Users provisioned with Just in Time are only updated when they log in and log out.LDAP allows for advanced filtering for users/groups to be synced.Users can also log in with their local passwords if the SSO stops working for any reason. When a user tries to log in with their password, Jira will connect to the LDAP for signing in the user.DisadvantagesThe username and password which is used to authenticate your Atlassian product with the LDAP server is saved in cleartext in the database of your Atlassian product. But if you set up your server correctly, this should not be an issue. Please a have look at the Atlassian documentation (see section "Server settings"), if you are concerned about this. SAML Single Sign-On is available for Atlassian Server & Atlassian Data Center products. Our Jira Data Center, Confluence Data Center, Bitbucket Data Center, Jira Server, Confluence Server, Bitbucket Server and other apps are all available on the Atlassian Marketplace.