Azure AD, Social Accounts and SAML.

David Zahler
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
November 4, 2019

We are trying to leverage SSO for those that hold Azure AD, social accounts. We have successfully configured it for those users that have email addresses within our domain; however, the social accounts are not working and, in the log under user provisioning, the accounts are shown as un-managed.

2 answers

0 votes
Jayant Suneja
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 17, 2021

Hi John,

Thanks for confirming that. I think I misread your query at first.

For IdP-initiated login, the user will be redirected to id.atlassian.com but should not be presented with the option to fill in the email address again. Rather, on redirection, it should automatically log in the user and redirect the user to the Atlassian site the user has access to.

So, the behavior you notice is not the expected one. Check if your Atlassian site URL is correctly updated as Relay state URL with SSO configuration on Azure and try to log in using an incognito window. 

Regards,
Jayant

John M_
June 18, 2021

Thanks Jayant,

I did have the Relay state URL https://[ourname].atlassian.net configured in the Basic SAML Configuration of the AzureAD Ent Application.

But it was also added next to Sign On URL as explained in Step 16 (under configure-azure-ad-sso) to support SP initiated SSO flow.

I just removed the Sign On URL value and my sign-in went straight through!

The SP initiated flow still works as well, so step 16 may not be needed?

Kieran Caplice
I'm New Here
August 18, 2021

@John M_  I believe you need a trailing slash ("/") at the end. This worked for me.

0 votes
Jayant Suneja
Atlassian Team
June 17, 2021

Hi John,

Please confirm if SAML SSO is enabled at your Atlassian organization under Security --> Authentication policies, and your account is added under SSO enabled authentication policy.

Regards,
Jayant

John M_
June 17, 2021

Thanks Jayant for that info.

SAML SSO is enabled and I forgot to mention that I did create an additional authentication policy in which SSO is enforced and I added my test user as a member of that Auth policy.

Are you saying that I shouldn't get the additional prompt for email address?
