At this moment we use different Atlassian products:
Jira Software
Jira Confluence
Jira Access
They are connected to our Azure AD, and when a user is a member of the right security group they get an account in Jira Cloud. The user is able to log in with SSO.
We also manage guest users from an external company through our Azure AD. We create a guest account in Azure AD based on a mail address from the guest. This guest account will be added to a Cloud Group, which creates an account in Jira Cloud.
For guest accounts we have conditional access which states that MFA will be enforced for every Cloud app. But when a guest tries to log in with Microsoft on our Jira Cloud, the guest account (mail address) isn't recognised.
We use the same principle, for instance, in the case of SharePoint extranet sites. This is working fine. The guest user receives an e-mail with a code; after the login, the authenticator creates an approval pop-up.
This should also be the case for Jira Cloud.