Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How can I make my customer access Jira service management by authenticating from my application

S Sunilraj
S Sunilraj October 16, 2025

Problem statement:

  • Connect our customers to Jira Service Desk portal to create incidents/service requests.
  • User is Authenticated via Federated through our application portal.

 

Tech Ask:

  • Customers are federated to access our application portal
  • and how can the users get a token or auto auth to the JSM portal in the back during the onboarding process
Answer
Watch
Like Be the first to like this
51 views

2 answers

2 accepted

2 votes
Answer accepted
Kai Krause
Kai Krause
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 16, 2025

Hi and Welcome, 

you can connect the portal.Configure SAML single sign-on for portal-only customers | Atlassian Support 

Depends on Atlassian Guard. 

BR
Kai 

Reply
1 vote
Answer accepted
Christos Markoulatos
Christos Markoulatos
Community Champion
October 16, 2025

Hey @S Sunilraj 

You can connect your customers to Jira Service Management using SSO if they’re already authenticated through your app. Atlassian now supports SAML SSO for portal-only customers, so during onboarding, you can redirect users to Jira where they’re auto-logged in via your identity provider and if they don’t have an account yet, Jira can create one on the fly (just-in-time provisioning). Just keep in mind that this requires Atlassian Guard (as @Kai Krause said before me) and some setup on both your IdP and Atlassian side. If you’re using something like Cognito or Keycloak, you might need a marketplace SSO add-on for more flexibility.

Hope this helps! 😊

Links that might help:

View More Comments
S Sunilraj
S Sunilraj October 16, 2025

Thank you @Christos Markoulatos & @Kai Krause , using SSO is fine, but we dont want our customer to create an account with email verification on atlassian , still be able to have account as soon as they are added.

 

We use cognito , and the expectation is while a user onboards into our portal, the user should be able to have access to create tickets, and they need not create any local account in atlassian, 

Is this feasible ?

Like
Christos Markoulatos
Christos Markoulatos
Community Champion
October 16, 2025

@S Sunilraj 

Yes, it’s possible to integrate AWS Cognito with Jira Service Management for SSO, but there are important caveats.

How it works

  • Atlassian Guard supports SAML SSO for portal-only customers in Jira Service Management.
  • AWS Cognito supports SAML 2.0, so it can act as an Identity Provider (IdP).
  • With Just-in-Time (JIT) provisioning, Atlassian can create a user account automatically on first login—no manual invite or email verification required.

Important caveats

  • Cognito is not officially supported by Atlassian. It’s not on the list of tested IdPs (Okta, Azure AD, Ping, etc.), so there’s no native integration wizard. You’ll need to manually configure SAML metadata and attribute mappings.
  • JIT provisioning should work in theory, but it depends on:
    • Correct SAML attribute mapping (email, first name, last name).
    • A verified domain in Atlassian Guard.
    • Cognito sending the required claims.
  • SCIM provisioning is not available with Cognito, so you only get JIT (create on first login), not full lifecycle management.
  • If you need advanced features (OIDC, dynamic org mapping), consider a marketplace app like miniOrange SAML/OAuth SSO for JSM Customers, which explicitly supports AWS Cognito.
  • AWS has announced that SAML support in Cognito will eventually be deprecated in favor of OIDC, so long-term planning should consider OIDC.

In conclusion yes It’s feasible, but not officially supported. JIT should work if configured correctly, but you’ll need to test it because Atlassian doesn’t provide official guidance for Cognito.

Its not something i have tried, so am not 100% sure, but based on experience and the documentation it should work.

Like
S Sunilraj
S Sunilraj October 16, 2025

Thank you @Christos Markoulatos , let me try it.

this is a big support with your answers,

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Management
Jira Service Management
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security