Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,364,993
Community Members
 
Community Events
168
Community Groups

2 organizations and 2 identity providers: is SSO possible ?

Edited

I read the documentation on organizations and the one regarding SSO and SAML and I can't seem to answer this question:

Is it possible to have 2 organizations (2 domains) and 2 identity providers in Atlassian access for the same JSM Cloud instance ?

2 answers

1 accepted

1 vote
Answer accepted
Dave Meyer Atlassian Team May 19, 2021

Hi @Carmen Nadeau ,

Yes you can set up 2 organizations with separate domains and separate identity providers, and users in both organizations can access the same JSM Cloud instance for SSO purposes.

The only caveats I would note are:

  • You can only configure SCIM user provisioning with the organization that the JSM Cloud instance that is directly linked to.
  • We don't currently support SSO for JSM portal-only customer accounts. (But we do support it for customers using Atlassian accounts)

I read your comment and the link document in reference in it.

Your answer surprised me and I re-read this page:

https://confluence.atlassian.com/cloudkb/saml-single-sign-on-and-provisioning-for-service-desk-customers-1027113836.html

In my mind what you are saying and what it is written is completly at the opposite. In the article it is imply that a customer do not use a licence and can be manage in Atlassian acces and can log with SSO, 

image.png

 

Wich one is it ? It does have an impact for us.

Dave Meyer Atlassian Team May 19, 2021

@Carmen Nadeau apologies for the confusing language. I was trying to summarize what the documentation already says, it is correct.

Customers that are users in the site with Atlassian accounts with no application access can have SSO enforced, but are not billable for Atlassian Access.

JSM also has a feature called "portal-only customer accounts" that cannot use SSO today. This distinction is better explained in that second link you referenced above.

Like Carmen Nadeau likes this

I have the same question - is it possible to use SSO\SAML IdP provider only for the one of our site or organization?

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events