Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
How to fix the 'User exists already' Error
Problem
When running a User Sync, you receive an error message very similar to the one below:
"ATTR_ID : 2cebde31-4a06-4d06-8793-580bd2093f9a : 12438 exists already"Cause
This can happen when a user is deleted and created again with the same name on the identity provider side.
User Sync tries to create a new user and this fails, because the old one still exists in Jira, Confluence, Bamboo or Bitbucket.
Resolution
Method 1
Identify Users
- Download the failed users result first and open it
- search for the ATTR_ID value or for the term "exists already"
- this will eventually reveal the usernames that have been deleted and created again on your identity provider
copy the username and proceed with the next step
In case you have a username transformation in your connector settings, you can get the value of the "<IdP-Type>_ID" (e.g. "azure_ID") attribute instead of the value of "ATTR_NAME" in this step, and use it in the coming steps, but make sure you copy it from the "inputUser" section, since this is the current actual value that is returned by the IdP.
Fixing the Error with a Single User Sync
- Click on Sync Single User of the connector that showed the errors and paste the name into the field
- enable the Advanced toggle
- enable the Sync With Username As Primary Attribute checkbox (1) and click Go (2)
- if everything went well you should now see
If you now run another full sync the error should go away. Of course, you might need to repeat the above for all the other users affected.
Method 2
Please use this method only if you need to fix a lot of users at the same time and during a full sync. This should be done out of hours, if possible.
- Navigate to the User Sync configuration page, and click on Edit of the connector showing that error message
- Choose Provisioning Settings and scroll down to Attribute Mapping
- In the Attribute Mappings section, temporarily change the primary attribute to Username (the default should always be <IdP-Type>_ID, i.e. azure_ID)
- Please switch to Sync Settings and scroll down to Scheduled Synchronization
- Temporarily disable the Scheduled Synchronization to ensure no sync runs while applying the fix. Just use the toggle switch to disable the scheduled synchronization.
- Save and Return the configuration
- Run a full sync
- Once it has been completed, revert the connector settings and switch back to the default <IdP-Type>_ID field as the primary attribute
- Enable the Scheduled Synchronization again
- Save the configuration
If the methods above don't solve the issue, please contact our support team and provide the following details/ files:
- At your User Sync page, click on the History link for the connector in the Action column of the connector list
- Find the last sync with errors and click on Details
- Scroll down to the bottom of the page and click on Download results for all users
- Head over to our support portal, open a ticket and attach the file downloaded