Community
Products
Jira
Questions
Different options of Azure AD integration and 2fa/mfa

Different options of Azure AD integration and 2fa/mfa

Dear community,

So far, I have found 2 options to do the integration:

1.using Atlassian Access

2. Without Atlassian Access. Using the Azure official plugin https://marketplace.atlassian.com/apps/1222230/azure-active-directory?hosting=cloud&tab=overview

Did I get it right?

Now questions about 2FA/MFA.

For option 1, we can enable 2FA or 2 step auth directly in Atlassian Access but what if my Azure AD has also 2FA enabled?

For option 2. If my Azure has 2FA enabled already, when I login Atlassian cloud, will I be redirected to Azure for 2FA?

Many thanks!

1 answer

1 accepted

0 votes

Answer accepted

You didn't get it right.

Your 2nd option requires Atlassian Access. It is listed on the list of pre-requisites (available via documentation link in the Marketplace listing). The listing itself is nothing but a click-bate for those who search on Marketplace for the Azure AD integration – there is no actual app behind it.

You need Atlassian Access subscription to connect to any IdP via SAML. Once you are connected Access's own 2FA won't apply anymore.

If you are logging in into Atlassian Cloud with an email from a domain that has been verified in your Organisation inside Access, and SAML is configured in Access, you will be not asked for the password but will be redirected to your IdP – you will have to login at your IdP, pass 2FA (if any) there and only then send back to Cloud.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Thank you very much for your help and I'd like to thank you again for answering the same question I posted in another thread.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Hang on one sec, the marketplace listing for Azure Active Directory flat out states "Provide seamless end-user access with single sign-on to Atlassian Cloud. Allow users to sign in using their organizational accounts hosted in Azure AD. "

Are you saying that Atassian Access is still needed when this says this is providing SSO?

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

The listing on Atlassian Marketplace is nothing but a click-bait/shortcut for people who are looking for SSO to Atlassian Cloud on Marketplace rather than Googling directly.

Click on the documentation link, available from the listing (on the right, at the bottom), arrive to Microsoft doco site, read – 2nd heading "Pre-requisites", 3rd bullet point:

To enable Security Assertion Markup Language (SAML) single sign-on for Atlassian Cloud products, you need to set up Atlassian Access. Learn more about Atlassian Access

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like • Rob Horan likes this

Wow. This is a Microsoft product. You would think they'd be more careful.

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Comment

Like

Reply

Suggest an answer

Log in or Sign up to answer

Was this helpful?

Thanks!

TAGS

Community showcase