Skip to main content
All CollectionsšŸ¤” FAQs and Administration
How to sync the manager attribute into Atlas with Okta
How to sync the manager attribute into Atlas with Okta

Sync the manager attribute from your Okta to unlock enhanced reporting lines and filters in Atlas.

Eric Saboia avatar
Written by Eric Saboia
Updated over a year ago

This guide assumes you have read the how to sync the manager attribute into Atlas guide, which describes the prerequisites for syncing the manager attribute with Okta.

Integration Overview

Atlas determines the manager of a user by taking the value received for the manager field (manager.value) and looking for a match by either email (if the value was an email) or user id (if the value was an id). Think about the manager.value as a reference to another person.

Only email and user ID are valid ways to reference the personā€™s manager.

For example, here is the simple reporting line consisting of three people, where the top manager (right-most person) doesn't have manager.value set. This is usually the case with the company's Founders, CEOs, etc.

In this case, the reference is made via the email value (notice the values for the manager.value field in the blue boxes and how they refer to the person's manager).

Fran reports to Jane, who reports to Kurt. Franā€™s manager field is Kurtā€™s email. Janeā€™s manager field is Kurtā€™s email. Kurtā€™s manager field is null.

And here is the same example but with the references made via the user IDs (notice the values for the manager.value filed in the blue boxes and how they refer to the person's manager).

Fran reports to Jane, who reports to Kurt. Franā€™s manager field is Kurtā€™s user id. Janeā€™s manager field is Kurtā€™s user id. Kurtā€™s manager field is null.

Step 1: Create the new field

In Okta, create a new field for the Atlassian application.

This step will define the structure of the field we receive at Atlassian when a new user is created/updated, so itā€™s important to ensure that you follow the correct schema definition:

Namespace

urn:ietf:params:scim:schemas:extension:enterprise:2.0:User

External name

manager.value

IT IS IMPORTANT to ensure that the external name and namespace are defined exactly as described above (as specified by the SCIM specification in RFC 7643 section 4.3). Everything else won't be recognized by Atlassianā€™s Cloud API and will be discarded.

  1. Go to the Atlassian application and select ā€œGo to profile Editorā€ under the ā€œProvisioningā€ tab

  2. In the profile editor, select ā€œadd attributeā€ and configure as defined below

Step 2: Map Oktaā€™s attribute to the newly created field

Map the newly created field to the internal Okta field that contains the manager value. The value we expect to receive is a string containing either the email or the internal user-id of the userā€™s manager.

  1. Go back to the ā€œProvisioningā€ tab of the Atlassian Cloud application

  2. Scroll to the bottom of the page and select ā€œShow Unmapped Attributesā€

  3. Edit the new ā€œManagerā€ attribute, which was created in the previous step

  4. Select ā€œMap From Okta Profileā€ under the ā€œAttribute valueā€ and then select the correct field in Okta that has the managerā€™s email or id

  5. To keep it in sync, make sure ā€œCreate and updateā€ is checked to send updates to Atlassian when the user is created or updated

Step 3: Re-sync your users

Re-sync your user base once the mapping is complete and youā€™re ready to send the new information to Atlassian.

Step 4: Confirming the sync

You can check the progress of the sync by visiting admin.atlassian.com and navigating to ā€œSecurity ā†’ Identity Providers ā†’ Your Okta Directoryā€, and checking the ā€œUser provisioningā€ info.

Once the sync is complete, visit a user profile in Atlas, Jira, or Confluence to see the new section for ā€œReporting linesā€œ, which shows the userā€™s manager and direct reports or peers.

Troubleshooting

I still donā€™t see the reporting line after following all the steps

Ensure that there are no typos in the manager field created in Step 1. The namespace should be urn:ietf:params:scim:schemas:extension:enterprise:2.0:User and the external name manager.value.

Also, confirm that your Okta users have a manager attribute that itā€™s either the email or the user id of their manager and that you have mapped this attribute to the newly created field as described in Step 2.

You might also have to re-sync all users and ensure that the users were indeed resynced to Atlassian by looking at Oktaā€™s logs.

There is a ā€œmissing profileā€ in the reporting line

  1. Typically, one person in the organization has no manager (e.g., the CEO). It is important to ensure that this person's manager field is empty and has no value set to it on Okta to prevent the missing profile error (shown below)

Still having a problem with following the steps above?

Contact us through the ā€œgive feedbackā€ button in the navigation bar of Atlas, and weā€™ll assist you.

Did this answer your question?