I have an on prem bitbucket server and want to move to cloud. My domain was verified under the old organization and it is using Ldap, now I want to have the new users and permissions to use SSO, do I need to verify the domain again under the old organization, or there is a way to add the users again and have them authenticate seperately on my cloud instance, until I fully migrate to cloud
Hi @Sahar Yacout ,
Currently Organizations and domain verification only apply to existing Atlassian cloud products and users, so any configuration you have for your Bitbucket Server instance would not be affected. (Although features to support this scenario are on our roadmap!)
If you already have your domain verified and SSO enabled for your organization, then SSO will automatically be applied when users start logging in to Bitbucket Cloud. You don't need to set up a new organization or re-verify your domain. For the users that are still accessing Bitbucket Server, they will continue using their LDAP credentials as they should have been previously.
Hoping that makes sense.
@Dave Meyer Thanks for your reply,I am now an admin on the 2 organizations. The one I created and the old one that already has the domain verified on it. This organization is using managed accounts, can I still set G suite sso and the managed accounts on this organization remain as they are. because users in this organization are using confluence and jira, and I want to bring in bitbucket cloud with SSO without affecting them
@Sahar Yacout yes, however it may still be simpler to set up G Suite on the existing organization. If you configure and enable G Suite, all your managed accounts will remain (assuming the domain you verified is also associated with your company's G Suite organization). That said, SSO for Bitbucket should already be working. I would work with a user (perhaps yourself?) that already signs into Jira or Confluence through SSO, and have them go to bitbucket.org and see if SSO is enforced.
@Dave Meyer I highly appreciate your replies, this is way faster than Atlassian support that r not fully answering my questions.
In my case the current organization is not using SSO yet, it just has our domain approved. Yes the domain verified is the same associated with G suite but SSO for bitbucket is not yet set or working.
Since I already created a test organization and under it had test Confluence My 3 questions now are:
1- How do I get rid of the test Organization I created? Since it is totally useless now. I wished to have 2 organizations, 1 for bitbucket cloud and 1 for the (Jira and confluence) already being used, in order to have different admins for bitbucket Obviously this is not possible.
2- Do I have to use Atlassian Access in order to set SSO? and when I use Atlassian Access, will I stop paying for the current jira and confluence users, and start paying per user for all the productes (in this case it will be Bitbucket, service desk and confluence)?
I currently have around 70 users for confluence, 60 for service desk, and plan to have around 150 for bitbucket. Does this mean I will start paying only for 150 user regardless of how many products they are using?
3-What is the benefit of using SAML SSO above G-suite? if anyways my identity provider is google
Hi @Sahar Yacout ,
It's important to understand that when you enable SSO, it is applied across all Atlassian cloud products and tenants, regardless of whether they are "part" of your organization or not. It's not currently possible to have Bitbucket as "part" of your organization, but when you configure SSO for your org, it will apply to Bitbucket logins also. The admins for Bitbucket are still managed at the team, repo, or workspace level in Bitbucket directly. If you have one organization where you've already verified the domain, and another organization that just contains a link to a product, you can use this process to consolidate in a single organization. https://confluence.atlassian.com/cloud/transfer-products-to-another-organization-967318518.html The old organization should be automatically removed.
Yes, an Atlassian Access subscription is required to enable SSO. It is a separate subscription, in addition to any subscription for Jira, Confluence, JSD, or Bitbucket.
There is very little difference for SSO between the direct G Suite integration and SAML SSO. The primary differences are around user provisioning and directory sync.
Did you know Atlassian Access offers more than SAML single sign-on for Atlassian cloud products, like Jira and Confluence? Whether you're just starting to plan for your organization or in the pr...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events