If your company prefers that user management across different software installations is handled in one central IDP, Automated User Cleanup & Deactivation has two options to support keeping the local Jira/Confluence user base in synch with the central IDP.

1. Manage all product access groups in Atlassian: Shift your licensing groups to be managed directly through Atlassian.

2. Set up an identity provider (IDP) within the app: By configuring an IDP, our User Cleanup app can generate CSV files listing users who need to be removed from an identity group. You can then remove these users using scripts or the IDP’s bulk removal tools.

This guide explains how to do option 2 for the currently supported IDPs:

• Microsoft Entra ID

File export in Microsoft Entra ID

1. Configure what apps come from Entra ID. By hitting the Is user provisioning enabled? toggle.
   
   

   Open

   

   ** The licensing groups here are not actually IDP synced groups. Just simulated
   Open

   

   ** The configured groups here are not acctually idp synced groups. Just simulated.
   Having Entra Id in configured IDPs enables CSV export option in Cleanup creation form

2. Select Microsoft Entra ID action in the cleanup creation form.
   
   

3. Go to the Scheduling and Cleanup page -> History Export data button for the cleanup in question

   • A Dialog appears
     
     

4. Click on the Identity provider exports option

5. Download the CSVs for the groups you would want to do bulk actions on the users

Bulk remove users from groups Entra ID through the interface

• Go to portal.azure.com login to your org. Go to the Group you want to remove the user from and go to the members list. It should have the same name in Atlassian and Entra ID.

• Click Bulk operations → Remove members.

• Upload the file

• Hit submit

• It will start a background service and give you a report when it is done.