Connect Microsoft Azure Active directory with Atlassian Cloud

Get Atlassian access trial
Verify domain > Claim accounts
User provisioning > Create a directory
Login to Azure, create new directory, add test users
Add custom domain name and verify to AD
Follow https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/atlassian-cloud-provisioning-tutorial
Assign user/groups to the Atlassian Cloud app in Azure: Home > youraccount > Enterprise applications | All applications > Atlassian Cloud | Users and groups
Alternative to assigning users and groups is to select “Sync all users and groups” in Provision settings and then limit the synced users via scoping in Attribute mappings
Change attribute mapping for AD mail object which maps to Atlassian emails[type eq “work”].value to userPrincipalName - example
Enable SAML SSO login

Troubleshooting

If the users aren't syncing, check user attribute mappings in AD > Enterprise applications > Atlassian Cloud > Edit provisioning > Mappings > Synchronize Azure Active Directory Users to AtlassianCloud. Here, assign some default value to some or all fields, because the sync won't work if some attributes are not defined i.e. mapped correctly .

Since you can only sync users with verified domains, the mappings above need to be correct, i.e. AtlassianCloud Attribute “emails[type eq “work”].value” in “Mappings” expects email from verified domain, so this can be mapped for example to “userPrincipalName” of Azure Active Directory Attribute so the user is created/synced properly.

You will get a sync failure error in Provisioning logs if the users have the same Name field in Azure and Atlassian. So users with same value in some fields won't be synced but reported as already matched. Screenshot below

So edit the attribute mapping if possible or change the field value in Azure, if possible.