Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Domain-based login flow made account inaccessible

Ryan Govostes
Ryan Govostes
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
May 13, 2026

Previously, we had a service account user@domain.edu. This is an e-mail alias that forwards to our development team.

At some point, Atlassian began intercepting logins ending with @domain.edu and sending them to Microsoft's login flow.

So when I try to sign into our user@domain.edu account, it authenticates against Entera ID, where no such account exists because, as stated, this is just an e-mail alias.

Effectively we have been locked out of our account by this change. I don't see a way to continue using our old password based sign-in.

Answer
Watch
Like Be the first to like this
85 views

1 answer

1 accepted

1 vote
Answer accepted
Arkadiusz Wroblewski
Arkadiusz Wroblewski
Community Champion
May 13, 2026

Hello and welcome to the Community @Ryan Govostes 

Are you Org Admin ?

The issue here is that Microsoft can’t authenticate a simple forwarding alias. For SSO to work, there has to be a real, login-capable identity behind that address in Entra ID.

You’ll need to have your admin either create a legitimate account for that email in Entra, update the Atlassian email to a real address, or move the account to an authentication policy that doesn’t enforce SSO. Once a domain is claimed, those "ghost" alias accounts won't function properly because they need a real home in your identity provider to pass the authentication check.

Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security