Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,558,798
Community Members
 
Community Events
184
Community Groups

Implementing SSO with Atlassian Access

Franck Richard
Franck Richard Aug 10, 2020

Hello,

We plan to implement SSO login with Atlassian access. Since I am new to Atlassian products I have questions about the configuration. We have an AD as idp.

1/ when I look in the admin portal I can see that the previous manager has created two organizations. In the first one our domain is verified and there are managed users. In the second one there is no users but it seems all the products are there with data.

Those organizations seem to be linked by managed users... Is it possible to have only one organization?

2/ In which organization should I implement SSO??

3/ When I try to verify the domain in the SAML configuration, there is an error saying that I have to delete the existing verified domain. I can delete it but what will happen then?

A lot of question but some help would appreciated since we are in production.

Thanks in advance

 

Franck

 

Answer
Watch
Like # people like this
347 views

2 answers

0 votes
Franck Richard
Franck Richard Aug 11, 2020 • edited

Hi Marco,

Thanks for your help.

My main target is SSO implementation and the main problem that I have a production site and I am a newbie with Atlassian product, only an IT manager :)

I am a little bit surprised that the managed users are in one organization and the product in another one.

In my understanding I think I have to implement SSO in the first one where domain is validated and users managed...

For sure it would be easier to have only one organization... All the products are already in the second one.

View More Comments
Dave Meyer
Dave Meyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Aug 16, 2020

Hi @Franck Richard ,

Yes, domain verification and users being managed accounts are prerequisites to enabling SSO, so you should configure SSO in that organization. You can follow the link above https://confluence.atlassian.com/cloud/transfer-products-to-another-organization-967318518.html to consolidate the other organization into the one with the domain verified. If you run into any problems, just contact Atlassian support.

It's important to understand that SSO depends only on the domain being verified, not on which products are part of your organization. So when you configure SSO, it's enforced regardless of whether you've transferred the products into the org or not.

Like Davit Mnatsakanyan likes this
Reply
0 votes
Marco Guerrero
Marco Guerrero Aug 11, 2020

Howdy @Franck Richard ,

 

Yeah, you probably want to merge those 2 Organizations into one Organization. The process to do that is by transferring the products from one organization to the other organization . Here it is the Atlassian documentation on how to do that:

 

https://confluence.atlassian.com/cloud/transfer-products-to-another-organization-967318518.html

 

You probably want to keep the organization in which you already have your users logging in, which I assume is the one that has the domain verified and the managed users. That way end users are not impacted.

 

Let me know how it goes or if you have any further questions.

 

Have a great day!!

 

-Marco Aurelio

Reply

Suggest an answer

Log in or Sign up to answer
Identity Manager
Atlassian Access
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

See all events