Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

So I want to implement SAML from Azure AD to Atlassian. When I verify the domain I see all the staff who have individually signed up to Atlassian using the same domain name. I have set the Product Access to automatically assign the new site to users logging in from that domain. However this doesn't seem to work - presumably because the user already exists without site access. Should I delete all the existing users and get them to sign in again or is there a way to assign site access to these existing users.

1 answer

1 accepted

0 votes
Answer accepted
Dave Meyer Atlassian Team May 13, 2019

Hi @Marlo Atlassian, if you have configured Site Access to allow any user to join the site from the domain, you should not need to delete existing users. However it is a "just-in-time" joining, so users need to actually visit the site for the first time before they will be added.

You can assign them manually by simply inviting them to the site.

If you have SAML SSO set up, it should be no different. When the user visits the site for the first time, they will be redirected to your SSO provider to log in. If the user doesn't have an Atlassian account, we will create one on the fly. Whether or not we have to create a new account, it should be added to the site if the Site Access settings are correct. 


Im on self hosted Jira application trying to enable SAML. Any doc that i can follow? Please help me

Suggest an answer

Log in or Sign up to answer
Community showcase
Published in Atlassian Access

Atlassian Access Demo Q&A Recap

Hi Community! Thank you to all who joined our ongoing monthly Atlassian Access demo! We have an engaging group of attendees who asked many great questions. I’ll share a recap of frequently ask...

1,502 views 5 5
Read article

Atlassian Community Events