Make changes to a managed user account

Which user management experience do you have?

To check, go to your organization at admin.atlassian.com and select Directory. If the Users and Groups lists are found here, then you are using the centralized user management. Learn more about the centralized user management

We’ll note these changes in the support documentation below.

Original

Centralized

As a site administrator or organization admin, Users is found under Product site.

Original user management png

As an organization admin, Users is found under Directory tab.

Centralized user management png

 

After you verify a domain, all the Atlassian accounts with email addresses from that domain become managed accounts. As an organization admin, you can edit the details of a managed account.

When the domain of a user’s account isn’t verified, the user’s account is unmanaged. In that case, only the user can edit their own account details.

View a managed user account

To view and make changes to a managed user account:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Select Directory > Managed accounts.

  3. Select a user to open the managed accounts page.

Edit user details

To edit the user’s name, job title, department, or location:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Select Directory > Managed accounts.

  3. Select a user to open the managed accounts page.

  4. Select Show more details.

  5. To update a field, click its value, or select Click to enter value.

  6. Select the tick button to save your change.

Managed accounts screen showing the job title field being edited for a user.

Update email address

If you want to update the email address of a managed account to another email address, make sure you’ve verified the domain for the email you want to update to.

Change to email address update

Starting from mid-January to mid-February 2021, we'll be rolling out a change to updating email addresses. Before, you could update a managed account's email address to an email of an unverified domain. Now, you can only update an email with a domain you've verified.

Since the change is rolling out over time, you might still be able to update an email address to an unverified domain. If so, we'll email the user to verify the update.

To change the email address for an account:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Select Directory > Managed accounts.

  3. Select a user to open the managed accounts page.

  4. Select the email address field and enter the updated email address.

You can only update an email address if the new email address also belongs to a domain you verify for your organization. If you’re unable to verify the domain, let the user know they can create a new Atlassian account with that email address.

Change the profile picture

To change a user’s profile picture:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Select Directory > Managed accounts.

  3. Select a user to open the managed accounts page.

  4. Hover over the profile picture, and select Change profile photo.

  5. Either drag and drop or upload the photo.

  6. Save your changes.

Manage a user’s product access

To change a user’s product access:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Select Directory > Managed accounts.

  3. Select a user to open the managed accounts page.

  4. The Product Access table lists the products the user can access. Select the 3 dot icon > Manage product access to open the user’s page for that product in the site administration.

From there, you can remove product access, update access for other products associated with the site, or take other actions related to the user.

Note this different way to manage product access if you have the centralized user management: for the product you want to manage access, select the 3 dot icon > Manage product access to open the user’s page in the organization’s administration. From there, you can remove product access, update access for other products associated with the organization, or take other actions related to the user.

Exclude a user from two-step verification

If your organization enforces two-step verification, you can temporarily exclude a user from being required to log in with a second step.

To exclude a user from logging in with two-step verification:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Select Directory > Managed accounts.

  3. Select a user to open the managed accounts page.

  4. Scroll down to the Security section.

  5. Under Two-step verification, select Exclude from two-step verification.

To learn more about what happens when you exclude users, see Enforce two-step verification.

Force a user’s device to log out

When you force a logout for browser sessions, we log users out immediately. For mobile app sessions, we can take up to an hour to log out users.

To log a user’s device out of all Atlassian services:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Select Directory > Managed accounts.

  3. Next to the user you want to log out, select Show details.

  4. From the Recent devices table, select Log out next to the device.

This is not a permanent action. Users can always log in with this device again.

Require a user to reset their password

To require a user to reset their password:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Select Directory > Managed accounts.

  3. Select a user to open the managed accounts page.

  4. Select Reset password from the top right.

Revoke a user’s API tokens

Who can do this?
Role: Organization admin
Plan: Atlassian Access

Users can create API tokens to perform authenticated operations with product APIs. How users create and use their own API tokens

To revoke an API token created by the user:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. Select Directory > Managed accounts.

  3. Select a user to open the managed accounts page.

  4. Scroll down to the Security section.

  5. The API tokens table lists all API tokens the user created.

  6. Select Revoke next to each token.

Delete or deactivate an account

See Deactivate a managed account or Delete a managed account for more information.

Additional Help