New User Sync integration with Linchpin User Profiles

New User Sync integration with Linchpin User Profiles

idp - usersync - linchpin

Table of Contents

Linchpin User Profiles are an essential piece of the Linchpin Intranet Suite, with hundreds and hundreds of Confluence customers. Adding cloud Identity Providers as a source of data is now possible with User Sync.

The holy grail of centralized user identity

Centralized user identities are gradually entering the mainstream. Both IT teams and users love this trend. Instead of being scattered across multiple services and tools, employees enjoy a single account with centralized roles across all company applications.

Okta and Confluence evolution chart on Google trends
In the last two years, interest for Okta has surpassed Confluence globally

The story doesn’t end on how users access applications. It expands to how information about users travels with them. Projects, teams, roles, permissions, managers. Information hosted in a cloud Identity Provider like Azure AD (Entra) or Okta should propagate automatically to all connected applications, from the payroll tool to Confluence.

In the real world, however, things are not that simple. Sending information to Confluence Server and Data Center and making it accessible to other users requires a very specific configuration.

The challenge of populating Confluence user profiles

A Confluence administrator who wants to populate user profiles should be able to answer three questions about user data:

  • How will user data be sent to Confluence? Traditionally, you would do an LDAP sync between Confluence and the Active Directory. But any company that moves to the cloud will break its LDAP connection, needing to look at other options, like SAML or REST requests.
  • Where will it be stored? Confluence user profiles are the standard answer. This could be enough if everything can be stored in the available fields: Full Name, Email, Phone, IM (Instant Messenger details), Website, About Me, Position, Department, Location. But if you need to store managers or skills, you will need to look at other options like Linchpin User Profiles, with support for any number of additional fields.
  • How will it be used and displayed? Most companies give unrestricted access to user profiles as reference material on a need basis. Other orgs hide the info, which is then used to build workflows and automations.

User Sync and Linchpin User Profiles: Real-time information for mass consumption

Linchpin User Profile populated from the identity Provider
The golden configuration for populating Confluence with the most accurate user data

User profiles are only as good as your data. The new integration between resolution’s User Sync and Linchpin User Profiles ensures that you can send your best data and publish it on Confluence:

  • User Sync hooks to any cloud identity provider with a public API and updates user attributes
  • Linchpin User Profiles for Confluence gives you limitless possibilities for storing user information

Advantages of combining User Sync with Linchpin User Profiles:

  • REST API integration. Replace the LDAP Sync with a REST API Sync. Keep the concept and update the technology!
  • Real time information. the integration works automatically once set up. Users will have the most current data. Admins can work on something else.
  • Forget about exports. This means that you can deprecate manual processes like exporting and importing information on an XML file.
  • No in-house development. Building a custom script to connect the IdP to Confluence is probably not worth the effort. Particularly once you factor in maintenance and the security features required to handle personal data.
  • Out of the box connectors with the most common Identity providers: Azure AD (Entra), Okta, Google Workforce (formerly known as GSuite), or OneLogin.
  • Custom connectors with Groovy scripts (on demand). When customers request an integration to an additional source of identity, we only have to take the requirements and write some lines of code.
  • Eliminate manual input. Stop sending reminders to your users about keeping their Confluence user profiles up to date.
  • Use all the data you want. Forget about the many restrictions you were used to. Send and store any number of user attributes (160 group memberships? Three lines of managers? Why not?).

How does the User Sync- User Profiles integration work?

The example: Populating a manager field in Confluence from Azure AD (Entra)

Let’s look at a real world example.

We want to publish information about each user’s manager in the Linchpin User profiles. Information about managers and supervisors is a classic gap in native Confluence user profiles. It’s also quite annoying to maintain with user input: managers change all the time with promotions, leaves and reorganizations. And we know that a lot of companies, including some of our customers, use that information to automate the maintenance of approval processes.

In the screenshot below you can see that admin’s profile already has a Manager field. Sadly, it’s empty. But the company stores the information in Azure AD (Entra)!

manager field empty Linchpin User Profiles

Goal: Populate the Manager field in User Profiles with information stored on Azure AD (Entra).

Source: User Sync Connector for Azure AD (Entra)

Prerequisites:

  • Confluence instance in Server or Data Center
  • Linchpin User Profiles (standalone), Linchpin Essentials or any other Linchpin implementation that includes User Profiles.
  • resolution’s User Sync for Confluence or SAML SSO for Confluence (includes User Sync)
  • User Sync Connector for Azure AD (Entra) (see the full setup guide)

If you prefer to dive directly into the setup, have a look at our full documentation on syncing attributes to Linchpin.

Step 1: Manage the field in Linchpin User Profile

  • In this case, the field already exists. If you want to create the new field from scratch, have a look at this First Steps guide
  • Set the right data source: IdP
Selecting IdP as the source of data in Linchpin User Profiles

This selection will make the Superior field available in the User Sync configuration.

Step 2: Map the Linchpin field to Azure AD (Entra)

  • In Confluence, go to User Management > User Sync,
  • Edit the Azure AD (Entra) Connector that you want to map to Linchpin
  • Click on the Provisioning Settings tab
  • Click on Add New Attribute Mapping and scroll to the bottom
  • There, you will see all the Linchpin user profiles fields configured with IdP as a source. Select Manager
Adding a new Attribute mapping from Linchpin
  • On the popup, select the source Azure AD (Entra) field, then hit apply
Mapping an attribute from Azure AD to an attribute in Linchpin User Profiles

As a result, you will see the manager field in the attribute mapping table

attribute mapping table in User Sync

Step 3: Run the sync

Afterwards, you should test that everything’s working properly. To do that, you can run the sync manually on a single test user. You can do this easily from the connector list.

sync a single user option

After the sync, you should see that the Manager field has already been updated!

Conclusion

Digital identities are constantly changing. The integration between User Sync and Linchpin User Profiles creates a seamless flow between cloud Identity Providers and Atlassian on-premise applications that will satisfy everyone. Users will be freed from entering data on their profiles. The IT team will reduce the amount of manual work. And the entire organization will benefit from capturing the true state of everyone’s fluid, interconnected, constantly changing data.

Linchpin customers can forget about cumbersome data migration processes and reap the same benefits of an LDAP sync on a cloud integration.

SAML SSO and User Sync customers who can already transmit all their data to Confluence also have the right platform built on top of Confluence to publish that data and make it available to every user.

About the products

About User Sync

user sync

User Sync is the smartest way to automate user lifecycle management in the Atlassian stack. Integrate cloud user directories and create users, update permissions and deactivate users without manual work.

Resolution’s User Sync can be bought as a standalone app, but most customers use it as an essential component of our SAML SSO app, where it provides an advanced alternative to Just in Time user provisioning.
Find it in the Marketplace

About Linchpin User Profiles

Linchpin provides a centralized information and collaboration platform with an open and transparent teamwork environment. Linchpin connects employees, no matter their time or location. Everyone has a personalized user-experience tailored only to them.

Linchpin User Profiles is included in Linchpin Essentials and the Linchpin Intranet Suite, but can also be purchased separately.
Find it in the Marketplace

Subscribe to our newsletter:

Related articles: