Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,551,690
Community Members
 
Community Events
184
Community Groups

SAML SSO using Atlassian Access

Edited
Ahsan Muhammad
Ahsan Muhammad Nov 16, 2018

Hi,

We are looking to subscribe to Atlassian access for our site which is "companyName.atlassian.net". The reason for subscription to Atlassian access is that we want to enable SSO for Confluence, JIRA and Bitbucket via our own custom IDP for user authentication and authorisation. Right now all the users login through Google sign on. Can we also keep the Google sign on while testing the option of SSO via our IDP, and, it will not affect the users from accessing the content on Atlassian? If there is not the possibility of enabling two different sign on, i.e. Google and our custom IDP then we are thinking of creating test site for testing SSO and then replicating everything on our live Atlassian site. 

 

Best Regards,

Ahsan

Answer
Watch
Like SF x likes this
976 views

1 answer

1 accepted

2 votes
Answer accepted
Angélica Luz
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Nov 16, 2018

Hi Ahsan,

You can use both methods at the same time by integrating Google via SAML, but it will not be possible, for example, to separate users that will log in via Google and users that will log in via IDP.
I believe that the best option is to create a trial instance to test, so your users will not be affected.

Regards,
Angélica

View More Comments
Ahsan Muhammad
Ahsan Muhammad Jan 09, 2019

 

I have two questions:

Q1: I have successfully entered the SAML configuration for my IDP. On the home page of my atlassian site, I only see "login with google" option. How would I know that my configuration is successfully saved thus letting users to login to the atlassian site using SSO of my IDP and removing Google SSO.

Q2: I have verified the domain successfully using DNS verification type. The domain name is 'companyname-pp.de'. We have email addresses of our employees with the domain ending 'companyname-digital.de'. Can our employees access the atlassian site with their domains or that has to exactly match the verified domain which is 'companyname-pp.de'.

 

Best Regards,

Ahsan

Like
Angélica Luz
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Jan 15, 2019

Hi Ahsan,

On the login page, they must add the email and then when they press enter it will show a message that it uses SSO and redirect them to the IDP page to login.

When you have a verified domain, only users from that verified domain will be able to log in using SSO, users with another domain will log in using email and password.

Regards,
Angélica

Like
Ahsan Muhammad
Ahsan Muhammad Feb 07, 2019

Hi Angelica,

I want to remove "login with Google" option from my test atlassian site, although i have not connected my test site to GSuite but I still see it. I think the reason for it is that on my live atlassian site there is an integration with Gsuite using the same email domain. Can you please guide me in that?

Regards,

Ahsan

Like
Ahsan Muhammad
Ahsan Muhammad Feb 07, 2019

Hi Angelica,

Another question I have, even though my Gsuite is not integrated as I mentioned but even with the SSO enabled whenever I enter my email address while logging in my test atlassian site, rather than taking me to the login page of my IDP it takes me to the google login. It is perhaps beacause it detects my email is associated with google account. I want my IDP page rather than the google auth page. How can I enforce that?

Regards,

Ahsan

Like
Angélica Luz
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Feb 12, 2019

Hi Ahsan,

What may be causing this is that someone must have configured GSuite via SAML, so what you've described is the cause of this.
This configuration is set directly on GSuite.

Regards,
Angélica

Like
Reply

Suggest an answer

Log in or Sign up to answer
Identity Manager
Atlassian Access
TAGS
AUG Leaders

Atlassian Community Events

See all events