Azure AD SSO - 1 domain for several organizations

Hello community,

I plan to implement a SSO (via Azure AD through Access) in my different instances but I have some constraints I would need to clarify first. Here is my situation:

- 2 organisations belonging to the same group
* 1 organisation with 1 instance
* 1 organisation with 3 instances (my organisation)
- 1 common domain for both organisations (group domain)
- 2 Admin teams (1 for each organisation and each can't get access to the other organization)
- 1 organisation would like to do provisioning the other organisation doesn't want it

Is it possible to implement the SSO in that situation ?

Moreover, in my organization I also have external domains I would need to add to my Azure AD but might be already in their own company SSO model. Does it create a blocker for the SSO implementation ?

Many thanks in advance for your support !

1 answer

0 votes

Hello Jon,

Welcome to Atlassian Community!

When using SAML, currently, the only way to identify that the email address is from a verified domain and associated with an IdP is by going to the id.atlassian.com and add the email address.

There are some feature requests suggesting improvements for that:

Please, click on vote and watch to receive updates about the features.

Regards,
Angélica

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Forums

Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Azure AD SSO - 1 domain for several organizations

1 answer

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events