It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Attempting to set up SSO with GSuite domain *Updated* Edited

Ok here is the scenario. I want to set up SAML SSO with our Gsuite domain so that Jira service desk users do not need to log in (after logging into their google account). We have a trial version of Jira Service desk as well as a trial version of Atlassian Access. Initially I turned on managed accounts through the GSuite Admin setting using my admin account to verify the domain. Big mistake once the user sync completed all users get an confusing email telling them their account is now managed etc. What I want is SAML SSO to start without sending messages to all users. After reading the documentation it seemed that in order to enable SSO I first needed to disable the managed accounts Gsuite connection which I did (resulting in another mass email to all users). After this step the GSuite doamin is no longer verified. I have now sucessfully verified the GSuite domain but I am not getting the option to configure SSO under the Organization - Security - SAML Single Sign On link in the Admin interface. Although the domain shows as verified I am not getting the SAML config options.

Can someone assist me getting SAML set up and then managing the accounts from the GSuite side without sending out emails to everybody without any warning?

Update: Here is the question. Do I need to claim all the accounts from my verified GSuite domain in order to enable SAML SSO? I would like to avoid sending another email to everyone but I will if that is the only way to enable SSO betweent the GSuite domain and Atlassian Access. 

Thanks in advance,

 

Elijah LapsojiraSAML1.pngjiraSAML2.png

1 answer

0 votes
Dave Meyer Atlassian Team May 03, 2020

Hi @Elijah Lapson , check out this answer more details: https://community.atlassian.com/t5/Atlassian-Cloud-Migration/Re-Implications-of-connecting-GSuite-domain-to-Atlassian/qaq-p/1315007/comment-id/106#M106

Yes, you do need to claim the accounts before SSO can be enforced, and unfortunately this does trigger another email to users. This is because until the accounts have been claimed they are not "managed". Once you claim the accounts, they are managed by your organization and this changes what control you have over them, and we're required to notify users of the change to our terms.

Hope this helps,

Dave

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS
Community showcase
Published in Atlassian Access

We're launching improved navigation for admins

Hi Atlassian Community, My name is Avni Barman and I am a Product Manager on the Atlassian Access team! One of my top priorities is to help make the administrator's life easier through improved pro...

124 views 0 7
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you