Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

(Cloud) SSO for Portal-Only users : A Current/Definitive answer !

Andrew Hatch
Andrew Hatch
Contributor
September 26, 2018

Really trying hard to figure this out, but keep hitting dead-ends. I have SSO enabled for Agents working flawlessly, but there seems to be no clear way to simply enable it for users. I can restrict new users to my domain, I can have them self-signup and generate new passwords which works fine. However, to simply have them redirected to our SSO solution (Duo), there just seems to be now clear way.

I've used Zendesk in the past that has a VERY clear option to simply select 'End-Users' and 'authentication method'. I can't seem to see anything on the JIRA Service Desk / Atlassian access portals (Using Cloud).

I notice from the support threads that pricing model/options for Identity Manager/Access have gone through some changes, so that's even more confusing. I'm reading elsewhere that we shouldn't get charged for End-Users using SSO, but I'm still completely confused as to how that's actually accomplished. Any advice ?

Answer
Watch
Like # people like this
2355 views

1 answer

2 votes
Dave Mathijs
Dave Mathijs
Community Champion
August 1, 2024

HI @Prasanna subramaniam , once a domain is verified and the accounts are claimed, you cannot unclaim specific accounts, all the accounts in a claimed domain will be managed.. Create a non-billable policy when you don’t want to pay for certain users. You can only set a non-billable policy as the default policy in the local directory.

You can find more info here: Understand authentication policies

View More Comments
Prasanna subramaniam
Prasanna subramaniam
Contributor
August 1, 2024

Dear @Dave Mathijs , 

Thank you for your response.  Are you saying that the accounts listed as "Available to Claim" cannot be reduced to zero by "unclaiming" them?

If that's the case, enabling the automatic claiming setting will pull in all accounts, which will consume JIRA licenses. Is that correct?

Claim accounts.png

Like
Dave Mathijs
Dave Mathijs
Community Champion
August 1, 2024

@Prasanna subramaniam My apologies, you are correct.

This documentation page provides more info: Verify a domain to manage accounts

Check the following sections:

  • Claim accounts
  • Claim account settings
  • Change claim settings
  • Unclaim accounts

When you unclaim accounts, you no longer manage the accounts and we remove the accounts from your authentication policies. Even though these accounts are no longer managed, users still keep their product access.

To unclaim accounts:

  1. Go to admin.atlassian.com. Select your organization if you have more than one.

  2. This step is different depending on your user management experience:
    - Original: Select Directory > Domains.
    - Centralized: Select Settings > Domains.

  3. Select Unclaim accounts for a domain.

  4. Upload a CSV file with a single column of email accounts you want to unclaim.

    1. Add up to 10,000 email addresses in each CSV file.

    2. The file can't exceed 5MB.

When you unclaim accounts, we notify users on their profiles that your organization no longer manages their accounts.

If you need to, you can claim the accounts again.

Like # people like this
Prasanna subramaniam
Prasanna subramaniam
Contributor
August 1, 2024

Dear @Dave Mathijs ,

Thank you for the response.

I followed all the steps outlined on the Atlassian page and received an email from Atlassian stating, "7 accounts for xxxxxxxx.com were successfully unclaimed." However, I still see these accounts listed.

We are in the Premium version of JIRA, any limitation with the version?

Claim accounts.png

 

Like Meng Her likes this
Reply

Suggest an answer

Log in or Sign up to answer
Atlassian Guard
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security