Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Activate Access for Portal Only Customers Synced with Azure AD

We have an organization of 900 users. We are using Jira Service Desk and trying to setup access for approximately 850 of these users as Portal Only Customers. We have setup user provisioning utilizing Azure AD and Atlassian Access and all users have synced with no issues. The entire user base has been added to a specific Service Desk Project as portal users. Our Service Desk Agents have no issues logging in using SSO, but new users that have been synced get the following error when using SSO for the Service Desk Portal.

Screenshot 2019-09-27 13.55.37.png

The user provisioning documentation says that "You can activate a user's Atlassian account from the identity provider", but I cannot figure out how to do that. 

Any suggestions? 



1 answer

0 votes
Ramon M
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Nov 14, 2019 • edited

Hi Jonathan, 

Thanks for using Atlassian Community. 

The error in your screen shot actually indicates that the user does not have permission to use the enterprise app in Azure side. When the the user tries to login into Atlassian, the login flow will fail on Azure side. The failure is on the SAML Single Sign-on setup, not in user provisioning. 

Usually, there is a single Atlassian Cloud enterprise app on Azure side where you configure both Single Sign On and User Provisioning. Users assigned to that single app will both be provisioned into Atlassian and will be able to use the SSO. 


If the user has been provisioned into the cloud site but is not able to SSO, I suspect you have configured 2 separate enterprise app in Azure side. 

  • Go to
  • Open Enterprise Applications
  • Find the "Atlassian Cloud" app that is configured with Single Sign On for Atlassian.
  • In the app's Users and Groups, add the user. 
  • Request the user to try and login again into Atlassian. 

I hope this helps. 


Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events