Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,365,186
Community Members
 
Community Events
168
Community Groups

Activate Access for Portal Only Customers Synced with Azure AD

We have an organization of 900 users. We are using Jira Service Desk and trying to setup access for approximately 850 of these users as Portal Only Customers. We have setup user provisioning utilizing Azure AD and Atlassian Access and all users have synced with no issues. The entire user base has been added to a specific Service Desk Project as portal users. Our Service Desk Agents have no issues logging in using SSO, but new users that have been synced get the following error when using SSO for the Service Desk Portal.

Screenshot 2019-09-27 13.55.37.png

The user provisioning documentation says that "You can activate a user's Atlassian account from the identity provider", but I cannot figure out how to do that. 

Any suggestions? 

 

 

1 answer

Hi Jonathan, 

Thanks for using Atlassian Community. 

The error in your screen shot actually indicates that the user does not have permission to use the enterprise app in Azure side. When the the user tries to login into Atlassian, the login flow will fail on Azure side. The failure is on the SAML Single Sign-on setup, not in user provisioning. 

Usually, there is a single Atlassian Cloud enterprise app on Azure side where you configure both Single Sign On and User Provisioning. Users assigned to that single app will both be provisioned into Atlassian and will be able to use the SSO. 

app.png

If the user has been provisioned into the cloud site but is not able to SSO, I suspect you have configured 2 separate enterprise app in Azure side. 

  • Go to https://aad.portal.azure.com/
  • Open Enterprise Applications
  • Find the "Atlassian Cloud" app that is configured with Single Sign On for Atlassian.
  • In the app's Users and Groups, add the user. 
  • Request the user to try and login again into Atlassian. 

I hope this helps. 

Regards,
Ramon

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events