Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Can an organization include a cloud and an on prem site

Sahar Yacout August 5, 2020

I have an on prem bitbucket server and want to move to cloud. My domain was verified under the old organization and it is using Ldap, now I want to have the new users and permissions to use SSO, do I need to verify the domain again under the old organization, or there is a way to add the users again and have them authenticate seperately on my cloud instance, until I fully migrate to cloud

1 answer

0 votes
Dave Meyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 5, 2020

Hi @Sahar Yacout ,

Currently Organizations and domain verification only apply to existing Atlassian cloud products and users, so any configuration you have for your Bitbucket Server instance would not be affected. (Although features to support this scenario are on our roadmap!)

If you already have your domain verified and SSO enabled for your organization, then SSO will automatically be applied when users start logging in to Bitbucket Cloud. You don't need to set up a new organization or re-verify your domain. For the users that are still accessing Bitbucket Server, they will continue using their LDAP credentials as they should have been previously.

Hoping that makes sense.


Sahar Yacout August 5, 2020

@Dave Meyer Thanks for your reply,I am now an admin on the 2 organizations. The one I created and the old one that already has the domain verified on it. This organization is using managed accounts, can I still set G suite sso and the managed accounts on this organization remain as they are. because users in this organization are using confluence and jira, and I want to bring in bitbucket cloud with SSO without affecting them

Sahar Yacout August 6, 2020

@Dave Meyer Can I set G suite and still keep the current managed users?

Dave Meyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 9, 2020

@Sahar Yacout yes, however it may still be simpler to set up G Suite on the existing organization. If you configure and enable G Suite, all your managed accounts will remain (assuming the domain you verified is also associated with your company's G Suite organization). That said, SSO for Bitbucket should already be working. I would work with a user (perhaps yourself?) that already signs into Jira or Confluence through SSO, and have them go to and see if SSO is enforced.

Sahar Yacout August 10, 2020

@Dave Meyer I highly appreciate your replies, this is way faster than Atlassian support that r not fully answering my questions. 

In my case the current organization is not using SSO yet, it just has our domain approved. Yes the domain verified is  the same associated with G suite but SSO for bitbucket is not yet set or working.

Since I already created a test organization and under it had test Confluence  My 3 questions now are:

1- How do I get rid of the test Organization I created? Since it is totally useless now. I wished to have 2 organizations, 1 for bitbucket cloud and 1 for the (Jira and confluence) already being used, in order to have different admins for bitbucket Obviously this is not possible.

2- Do I have to use Atlassian Access in order to set SSO? and when I use Atlassian Access, will I stop paying for the current jira and confluence users, and start paying per user for all the productes (in this case it will be Bitbucket, service desk and confluence)?

I currently have around 70 users for confluence, 60 for service desk, and plan to have around 150 for bitbucket. Does this mean I will start paying only for 150 user regardless of how many products they are using?

3-What is the benefit of using SAML SSO above G-suite? if anyways my identity provider is google


Dave Meyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
August 16, 2020

Hi @Sahar Yacout ,

It's important to understand that when you enable SSO, it is applied across all Atlassian cloud products and tenants, regardless of whether they are "part" of your organization or not. It's not currently possible to have Bitbucket as "part" of your organization, but when you configure SSO for your org, it will apply to Bitbucket logins also. The admins for Bitbucket are still managed at the team, repo, or workspace level in Bitbucket directly. If you have one organization where you've already verified the domain, and another organization that just contains a link to a product, you can use this process to consolidate in a single organization. The old organization should be automatically removed.

Yes, an Atlassian Access subscription is required to enable SSO. It is a separate subscription, in addition to any subscription for Jira, Confluence, JSD, or Bitbucket.

There is very little difference for SSO between the direct G Suite integration and SAML SSO. The primary differences are around user provisioning and directory sync.

Like Sahar Yacout likes this
Sahar Yacout August 17, 2020

Thanks Dave

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events