With SAML SSO configured, my user's first name and/or last name revert back to an old value

Platform Notice: Cloud Only - This article only applies to Atlassian products on the cloud platform.

Summary

One or more of your users' Atlassian accounts keep having their first name and/or last name revert to an old value whenever they log in again.

Environment

  • You have Atlassian Access with SAML SSO configured.
  • Your users are managed accounts with emails that match one of your verified domain(s).
  • The user(s) with the problem are not managed by your identity provider.
  • The user(s) with the problem have SAML SSO enforced.
  • The user(s) with the problem can log in successfully to their correct Atlassian account via SAML SSO.

Diagnosis

  1. In Atlassian, change a user's first name and/or last name to a new value by going to your organization's Directory > Managed users page.
  2. Have the user log in via SAML SSO.
  3. Check the user's first name, last name or email address. It is the old value again.

Cause

When SAML SSO was set up for your organization, these values along with NameId (email address) were mapped to accounts in your identity provider:

| SAML attribute name | What it should map to in your identity provider |
|---|---|
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname | User's first name |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname | User's last name |
| http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name, OR http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn | Internal Id for the user that will not change. Note that this Id should NOT be the user's email address. |

Every time you log in via SAML SSO, the associated values are sent from your identity provider over to Atlassian. Atlassian will then just-in-time update your account to match your identity provider.
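To confirm which values your identity provider is sending, you can inspect an assertion captured from your own login and compare it with the profile shown in Atlassian. The following Python script is an added example, not Atlassian's code: the function names, the profile field names (`first_name`, `last_name`, `email`) and the sample assertion are constructed for illustration, and it assumes the assertion is already decoded and unencrypted.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"

# Constructed sample assertion (not captured from a real IdP); unsigned, unencrypted.
SAMPLE_ASSERTION = f"""\
<saml:Assertion xmlns:saml="{NS['saml']}">
  <saml:Subject><saml:NameID>jane.doe@example.com</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="{CLAIMS}givenname">
      <saml:AttributeValue>Jane</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="{CLAIMS}surname">
      <saml:AttributeValue>Smith</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="{CLAIMS}name">
      <saml:AttributeValue>jane.doe@example.com</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

def read_claims(assertion_xml):
    """Return the NameID and the first value of every attribute sent by the IdP."""
    # Diagnostic parsing only: no signature check; use on assertions from your own IdP.
    root = ET.fromstring(assertion_xml)
    claims = {"nameid": root.findtext(".//saml:NameID", "", NS).strip()}
    for attr in root.iterfind(".//saml:Attribute", NS):
        claims[attr.get("Name")] = attr.findtext("saml:AttributeValue", "", NS).strip()
    return claims

def predict_jit_changes(assertion_xml, directory_profile):
    """Compare IdP-sent values with the profile an admin edited in Atlassian."""
    claims = read_claims(assertion_xml)
    incoming = {"first_name": claims.get(CLAIMS + "givenname"),
                "last_name": claims.get(CLAIMS + "surname"),
                "email": claims["nameid"]}
    # Fields where the next SAML login would replace the directory value.
    changes = {field: (directory_profile.get(field), value)
               for field, value in incoming.items()
               if value and value != directory_profile.get(field)}
    warnings = []
    internal_id = claims.get(CLAIMS + "name") or claims.get(CLAIMS + "upn")
    if not internal_id:
        warnings.append("no name/upn claim: no stable internal Id is sent")
    elif internal_id.lower() == claims["nameid"].lower():
        warnings.append("internal Id is the email address; map it to an immutable Id")
    return changes, warnings

if __name__ == "__main__":
    edited = {"first_name": "Jane", "last_name": "Doe", "email": "jane.doe@example.com"}
    print(predict_jit_changes(SAMPLE_ASSERTION, edited))
```

Any field listed in the returned changes is one that the next SAML login would overwrite with the identity provider's value.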

Solution

In order to update an Atlassian account's first name, last name or email while still logging in via SAML SSO, you will have to send over different values from your identity provider. You could do that by:

  • changing your mappings (which will impact all users who log in via SAML SSO), or
  • changing the mapped value just for this account (which might impact this account's identity in other systems).

Last modified on May 12, 2021
