
Difference between an Identity Provider and User Directories (Domains)

Dave Mathijs
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 22, 2022

Hi all,

Atlassian Access currently can only be connected to a single IdP.

If you have multiple external User Directories configured in Server, connecting to different domains, does that count as multiple IdPs?


Dave Meyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 22, 2022

Hey @Dave Mathijs

We actually launched support for multiple identity provider connections for customers with our Cloud Enterprise plan last week. https://community.atlassian.com/t5/Enterprise-articles/Multiple-identity-provider-support-now-available-in-Cloud/ba-p/2093719

However, for this scenario, it's much more common to have multiple directories of different types connected to a single identity provider, and then Atlassian cloud connects to that one identity provider. Basically every major identity provider can pull in users from various types of external directories (Okta and Azure AD examples attached).

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-hybrid-identity

https://help.okta.com/en-us/Content/Topics/Directory/ad-agent-get-started.htm

Dave Mathijs
Community Leader
August 22, 2022

Hi @Dave Meyer, thanks for the quick answer.

I'm aware of the support for multiple identity provider connections, but unfortunately, that is a Cloud Enterprise Plan exclusive feature, so not available for the Standard/Premium Plans.

I have no knowledge whatsoever about Azure AD, so can you confirm that Azure AD can pull in users from different domains/tenants?

Dave Meyer
Atlassian Team
August 22, 2022

For most organizations, if you had multiple Active Directory or LDAP external directories connected to your Atlassian server products, these directories would be connected to a single cloud identity provider like Azure AD as a universal directory.

There are some basic architecture diagrams for how this works in Azure AD here (https://docs.microsoft.com/en-us/azure/active-directory/hybrid/choose-ad-authn#architecture-diagrams), but typically if there are people within your company that manage your Azure AD deployment, or manage how you log in to other SaaS applications, then it's best to connect with them and understand your org's identity environment.
