Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to manage multi-tenant access with third-party SSO

Ryan Gibbons
Ryan Gibbons
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 11, 2022

We have an Org with multiple tenants beneath it representing different functional areas of the organization. One tenant would like to use SSO for their users with JIT Provisioning.

Is there a way to enable Atlassian Access for a single tenant or a subset of users?

-

Is there a way to enable JIT Provisioning with a third party IdP to allocate new users and deactivate old users using IdP Initiated service calls?

Answer
Watch
Like Be the first to like this
2578 views

1 answer

1 accepted

2 votes
Answer accepted
Dirk Ronsmans
Dirk Ronsmans
Community Champion
August 19, 2022

Hey @Sajit Nair ,

You need to first understand the difference between claiming a domain and making them managed accounts vs using Atlassian Access.

While Access needs managed accounts, claiming a domain does not mean they all will be using access.

https://support.atlassian.com/user-management/docs/what-are-managed-accounts/

https://support.atlassian.com/user-management/docs/manage-your-organizations-atlassian-accounts/

So step one would be to claim the domain and claim the accounts. (this is free/included in your instance subscription)

After that you can trial/enable Atlassian Access and create a separate Authentication Policy (https://www.atlassian.com/software/access/guide/authentication-policies) for those 6-7 users. On that policy you can enable SSO/MFA then but the other users which remain in the default policy will not notice anything.

View More Comments
Sajit Nair
Sajit Nair
Community Champion
August 29, 2022

Thank you @Dirk Ronsmans 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Atlassian Guard
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security