Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,366,080
Community Members
 
Community Events
168
Community Groups

Implementing SSO with Atlassian Access

Hello,

We plan to implement SSO login with Atlassian access. Since I am new to Atlassian products I have questions about the configuration. We have an AD as idp.

1/ when I look in the admin portal I can see that the previous manager has created two organizations. In the first one our domain is verified and there are managed users. In the second one there is no users but it seems all the products are there with data.

Those organizations seem to be linked by managed users... Is it possible to have only one organization?

2/ In which organization should I implement SSO??

3/ When I try to verify the domain in the SAML configuration, there is an error saying that I have to delete the existing verified domain. I can delete it but what will happen then?

A lot of question but some help would appreciated since we are in production.

Thanks in advance

 

Franck

 

2 answers

Hi Marco,

Thanks for your help.

My main target is SSO implementation and the main problem that I have a production site and I am a newbie with Atlassian product, only an IT manager :)

I am a little bit surprised that the managed users are in one organization and the product in another one.

In my understanding I think I have to implement SSO in the first one where domain is validated and users managed...

For sure it would be easier to have only one organization... All the products are already in the second one.

Dave Meyer Atlassian Team Aug 16, 2020

Hi @Franck Richard ,

Yes, domain verification and users being managed accounts are prerequisites to enabling SSO, so you should configure SSO in that organization. You can follow the link above https://confluence.atlassian.com/cloud/transfer-products-to-another-organization-967318518.html to consolidate the other organization into the one with the domain verified. If you run into any problems, just contact Atlassian support.

It's important to understand that SSO depends only on the domain being verified, not on which products are part of your organization. So when you configure SSO, it's enforced regardless of whether you've transferred the products into the org or not.

Like Davit Mnatsakanyan likes this

Howdy @Franck Richard ,

 

Yeah, you probably want to merge those 2 Organizations into one Organization. The process to do that is by transferring the products from one organization to the other organization . Here it is the Atlassian documentation on how to do that:

 

https://confluence.atlassian.com/cloud/transfer-products-to-another-organization-967318518.html

 

You probably want to keep the organization in which you already have your users logging in, which I assume is the one that has the domain verified and the managed users. That way end users are not impacted.

 

Let me know how it goes or if you have any further questions.

 

Have a great day!!

 

-Marco Aurelio

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS

Atlassian Community Events