Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
Nested Groups Support
Overview
Starting with User Sync 2.10.0, the SCIM 2.0 connector now supports nested groups, allowing you to manage user memberships in hierarchical group structures. This feature significantly enhances the flexibility and efficiency of user data management. This page provides a guide on how to enable and utilize the nested groups feature in the SCIM 2.0 connector for User Sync.
Enabling Nested Groups
To enable the nested groups feature in the SCIM 2.0 connector, follow these steps:
- In your Atlassian application, navigate to Administration > User Management > User Directories.
- Identify the directory that is assigned to the SCIM 2.0 connector and click on Edit.
- Look for the checkbox and ensure it is enabled.
- Save the changes to apply the settings.
Working with Nested Groups
How Nested Group Assignment works
With the nested groups feature enabled in the SCIM 2.0 connector, group provisioning follows the hierarchical structure established in your organization's directory (IdP). The SCIM 2.0 connector utilizes the group hierarchy built from the requests made to the SCIM endpoint, and as a result, users are automatically assigned to parent groups based on their memberships in child groups. Let's explore this behavior further with a practical example.
Example Scenario
Suppose we have an organization with the following group hierarchy in the directory:
- Parent Group (Marketing)
- Child Group 1 (Marketing Managers)
- Child Group 2 (Marketing Associates)
User Assignment:
Now, let's consider two users and their assignments within the groups in the directory:
User 1 (John Doe):
- Assigned to the "Marketing Managers" group (Child Group 1)
User 2 (Jane Smith):
- Assigned to the "Marketing Associates" group (Child Group 2)
With the nested groups feature enabled in the SCIM connector, the provisioning process utilizes the directory's group hierarchy. When User 1 (John Doe) is assigned to the "Marketing Managers" group (Child Group 1), the user is automatically assigned to the Parent Group (Marketing) based on the group structure in the directory. This means that User 1 becomes a member of both the "Marketing Managers" group and the "Marketing" group.
Similarly, when User 2 (Jane Smith) is assigned to the "Marketing Associates" group (Child Group 2), the directory automatically provisions her to the Parent Group (Marketing), making her a member of both the "Marketing Associates" group and the "Marketing" group.
Resulting Group Memberships:
After the provisioning process, the group memberships for User 1 and User 2 in the connected applications will be as follows:
User 1 (John Doe):
- Member of "Marketing Managers" group (Child Group 1)
- Member of "Marketing" group (Marketing)
User 2 (Jane Smith):
- Member of "Marketing Associates" group (Child Group 2)
- Member of "Marketing" group (Marketing)
Managing Nested Groups
During the provisioning process with the nested groups feature enabled, the SCIM 2.0 connector automatically handles the assignment of users to nested groups. However, if you want to verify the hierarchy and see how users are associated with parent and child groups, you can do so in the Jira group management interface. This provides you with a clear overview of the hierarchical structure and allows you to ensure that users are correctly associated with their respective parent and child groups. Here's how you can view the group hierarchy in Jira:
- Login to Jira as system administrator and navigate to Administration > User Management > Groups.
- Select Edit Nested Group members.
- To see the members of a specific group and its nested groups, you can click on the parent group's name to expand it. This action will reveal the child groups who are members of the selected group.
Troubleshooting
If you encounter any issues with the nested groups feature or face provisioning problems, consider the following steps:
- Ensure the nested groups feature is correctly enabled in the SCIM connector's directory settings.
- Review the system logs logs for any error messages or warnings related to nested group synchronization.
If the problem persists, don't hesitate to contact our support team for further assistance.