Hi,
I'm interested in setting up SSO/SAML with Azure AD/Entra as the identity provider. I've read through two guides and a YouTube video on how to set it up, but I'm confused about some initial steps.
- Microsoft:
https://learn.microsoft.com/en-us/entra/identity/saas-apps/atlassian-cloud-tutorial
- Atlassian Guide:
As an Atlassian org admin, I have a number of Atlassian Jira / Confluence sites (separate subdomain on atlassian.net) as well as hundreds of unmanaged users. This is where I have a lot of questions in the ordering of the setup:
To set up SSO/SAML, should I first claim some of the unmanaged users to become managed users and use that subset of users as a trial? Eventually all of those users will need to be managed (under the same domain) to use SSO/SAML, right?
When setting up SSO/SAML, how do I set it up for multiple sites with multiple subdomains? Should I add multiple Azure Enterprise Applications to handle each site? Or is there a way to incorporate multiple sites onto a single Enterprise Application?
Thank you,
-Boris
Hi @Boris Ning,
To set up SSO/SAML, should I first claim some of the unmanaged users to become managed users and use that subset of users as a trial?
When testing an SSO setup, you can shortlist a few users and add them in the Azure application that will govern the login. Managed/unmanaged users won't matter for this use case.
From what I've tested, after you've claimed a domain, new users are auto-added to your managed users, so the need to manually claim them might not be needed (unless you've set up the claiming to be manual). This doesn't impact the SSO sign-in though.
When setting up SSO/SAML, how do I set it up for multiple sites with multiple subdomains?
SSO is applied to a certain domain; I haven't checked/seen the option to apply it to just one site yet.
IMHO, I would recommend getting in touch with the Atlassian Support team for a demo, and discussing this with their team directly. SSO/SAML, when well understood, can be applied easily, but since we don't have a limited sandbox to test this out, the impact may hamper your existing users too.