Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

SAML for Service Desk customers?

Dirk Festerling
Dirk Festerling February 14, 2018

We are using Service Desk Cloud as an internal support tool for our company users. Most of them handle their issues by email. Some make even use out of the support portal, but most don't even know the password of their accounts. Because they have been created automatically when they sent the first email.

I would like to promote the usage of our portal, offer some confluence FAQ articles there etc. But having to sign in  is a nuicance for the customers... Now I figured out that we could use Identiy-Manager to provide single sign on even to my customers, because all have email adresses with the same (managed) domain.

After talking with Atlassian license support, I understood that in future all managed accounts (even the one for Service Desk customers) will be billed with 3 USD per user and month. We have round about 200 active users in our company and I would have to create a (billed) account for everyone (if I see that somebody joined the company)... In addition, I have no idea how to handle resigned users... They keep billed unless I disable them, but since they are not part of our team, I don't know about their leave...  In the end I will have a monthly bill of at least 600 USD that keeps growing - completeley out of my control...

Obviously I can't justify the usage of Identiy-Manager under that circumstances. Are there any alternatives to use Atlassian's cloud services and still provide a smooth experience to my customers?

Thanks a lot for your input and best regards!
Dirk

Answer
Watch
Like # people like this
11225 views

5 answers

1 accepted

8 votes
Answer accepted
Rodrigo B_
Rodrigo B_
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 11, 2018

Hello @Dirk Festerling, @Marthine@Danyal Iqbal and @[deleted],

I hope you are all well!

With the product Atlassian Access (Identity Manager) being generally available, some of our customers' concerns were addressed and delivered together, for example, Atlassian accounts that does not have any product license (Customer accounts) are no longer charged on the Atlassian Access billing, only agents (licensed on JSD), which means you can use SAML for them and not pay for these users, you can read more about it here:

We do still have an appropriate feature request for Jira Service Desk customers, those that you can't verify the domain. This is the feature request, please if you haven't done it yet, vote and watch it!

It's thanks to all the feedback received by you, our customers, during the Early Access Program for Identity Manager that we delivered free SAML integration for portal-only users with Atlassian accounts, it matters a lot to us that you keep participating and sharing your insights!

Thank you & best regards,

Rodrigo Becker
Atlassian Cloud Support

View More Comments
Dirk Festerling
Dirk Festerling June 11, 2018

Hi Rod,

This makes Service Desk and SAML much more attractive for internal support teams. I appreciate this!

Thanks
Dirk

Like
Stéphane Veraart
Stéphane Veraart January 18, 2019

Hello Rodrigo,

Thanks for your answer on this topic/request. Will Atlassian Access only be available on Cloud or are there ways of enabling it as a service within Server/Data Center applications?

 

Kind Regards,

Stéphane

Like
Rodrigo B_
Rodrigo B_
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 18, 2019

Hi Stéphane,

Great question! Unfortunately the Atlassian Access product is for the Cloud only, its features are designed to interact exclusively with the Cloud architecture, so it can't be used as a service for Server/Data Center, currently there are no plans on our roadmap to model Atlassian Access for these platforms.

Best regards,

Rod

Like Stéphane Veraart likes this
K_ Yamamoto
K_ Yamamoto
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 28, 2019

Follow-up: If the customer (portal-only user) has an email address verified with Atlassian Access, site-admin can migrate the account to Atlassian account so that the customer can login with SSO.

Screenshot 2019-10-29 14.00.22.pngScreenshot 2019-10-29 14.11.20.png

Vote for JSDCLOUD-630 if you want a customer to login with SSO via customer portal without migration.

Like
Reply
0 votes
Chris Christensen
Chris Christensen January 28, 2021

So I am running into this as well now. I've got an Atlassian Access trial and I was able to configure Okta SSO for access to Jira and Confluence which gets my Dev and IT teams into where they need to be, but I am really looking for a solution to get service desk customers access via Okta and so far all of my good searches are coming up empty.

 

@Rodrigo B_ is there a way to give Jira Service Desk SSO access via Okta to our internal customers?

 

Thanks in advance for the help.

Reply
0 votes
Marthine
Marthine June 20, 2018

That is reassuring.. So is their going to be a solution?

View More Comments
Chad Mellon
Chad Mellon February 15, 2019

Did you ever get an answer on this one?  We are in the same situation.    

Like
Stéphane Veraart
Stéphane Veraart February 18, 2019

No solution and no answer, but maybe @Rodrigo B_ can provide insight into this subject.

Like
Rodrigo B_
Rodrigo B_
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 18, 2019

Thanks for mentioning me here @Stéphane Veraart - Really missed it!

Like
Rodrigo B_
Rodrigo B_
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 18, 2019

Hello @Marthine & @Chad Mellon

Apologies for any delay to get back to you with an answer, it seems I missed to be more specific about my initial answer to all of your questions and that was my mistake, so here you go:

There is already one for the confluence space, the regular Jira app and Strike?! or something like that. Why not the customer portal. Or maybe im just failing to see the solution somewhere. Can you please help?

We feel you on this subject, but that is a limitation in Okta, our product team is already aware and works constantly together with our partners to address such problems, but ultimately, all we can do is forward customer feedback, any priorization will be done by their team, you are welcome to raise this concern with them as well for more visibility.

Thank you & kind regards

Rod

Like
pbraund
pbraund April 17, 2019

I believe this is the same issue we are up against. After many google searches and communication with Jira over this, still not sure we have a clear response.

The question above maybe the same as mine if anyone has the answer? 

`1. We would like to use Jira Service Desk for our company but internal only, therefore the portal cannot be public.

2. We would like to provide access and promote the portal by providing everyone an app in OKTA, this would be SAML

- The challenge which I can not get a clear response on. Does JIra charge for every customer using the portal when using SAML? I have had 2 different responses from support on this yes and no. 

- We have been told to turn off users are given product application access and therefore will not be counted as part of the licence. This has now been done but still trying to test if we can setup SAML and does not incur licence fee. Still to be determined.

Has anyone else managed to do this?

Like
Rodrigo B_
Rodrigo B_
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 17, 2019

Hi @pbraund

Can you confirm if the accepted answer to this question covers your concerns? It references the licensing FAQ for Atlassian Access confirming that Atlassian accounts without product licenses won't be charged.

5. Are Jira Service Desk customers billable?

No, Jira Service Desk customers that submit tickets are not counted toward the Atlassian Access bill. Only Jira Service Desk Agents that log in using an Atlassian Access managed account are counted in Atlassian Access.

Apologies if the information provided to you by different engineers was not consistent, if you still have any questions, please let me know, alright?

Thank you & kind regards,

Rod

Like
pbraund
pbraund April 17, 2019

Appreciate the response @Rodrigo B_ - That is good news for us. I suppose my next question is where/how do you configure this?

Like
Rodrigo B_
Rodrigo B_
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 17, 2019

@pbraund , it will be the normal flow to configure the SAML integration, all of your users that do not have any product licenses will not count for the Atlassian Access bill automatically, you can actually subscribe for the Atlassian Access trial and export a CSV from your Atlassian organization's managed accounts where you will be able to find the information if the user is billable or not.

If you need further assistance to configure the SAML integration, we support the most popular Identity Providers, this means there are Atlassian Cloud templates there, needing very minimum effort to complete the integration, we also provide information for custom integrations with unsupported Identity Providers, on this case, you can still ask for our help, our limitation is that we will not be able to assist on configurations on the Identity Provider's side, this is our main documentation, you will find specific documentation for each supported Identity Provider there:

If you face any issues or have any questions to make the integration, I'd recommend to raise a support request, since our team will need some information that should not be shared with the public, besides, I hope we can restore your faith on our support to give you consistent guidance on all your issues!

Rod

Like
Reply
0 votes
Marthine
Marthine June 11, 2018

Hi Atlassian, 

 

I have the same request. It would be nice to create a SAML sign on / app in Okta where we can lead our internal customers to.. 

There is already one for the confluence space, the regular Jira app and Strike?! or something like that. Why not the customer portal. Or maybe im just failing to see the solution somewhere. Can you please help?

 

KR, Marthine

View More Comments
Anne Talbot
Anne Talbot September 17, 2019

Agree - is there any update or workaround for this? We are trying to avoid.

 

1. Go to Service Desk

2. Type in Email

3. See 'your company uses SSO'

4. Get redirected to SSO login

5. Type in SSO login

6. Load Service Desk Home Page

Like # people like this
Reply
0 votes
Adibou
Adibou
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 21, 2018

Hi, 

You can set your JIRA Service Desk portal to allow anyone raising requests from there without login.

1- Go to JSD configuration to set Customer permissions

Screen Shot 2018-02-21 at 15.04.43.png

2- In your Project setting, set the customer permissions to "Anyone...without logging in".

Screen Shot 2018-02-21 at 15.34.11.png

For the single sign-on on Atlassian Cloud, I think there is no other way than using the  Identity Managers supported by Atlassian Cloud.

You can have a look at this article, they talk about your issue regarding user and IM: https://community.atlassian.com/t5/Identity-Manager-questions/New-Support-Identity-Manager-charges-to-include-charges-for/qaq-p/699837/jump-to/first-unread-message

Hopes it will help.

Cheers,    

Adrien

View More Comments
Deleted user February 22, 2018

Do customers count against the license like service desk agents do when using SAML? Right now I manage users via Jira user management. Right now only Service Desk agents require a license customers don't. Is it the same when using SAML access? I plan to use OKTA SAML with Jira.

Like
Danyal Iqbal
Danyal Iqbal
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 26, 2018

Yes, customers are counted against the license just like agents when using SAML.

Like
Dirk Festerling
Dirk Festerling February 26, 2018

Hi Adrien,

Thanks for you reply! Making our Cloud Instance of Service Desk and the knowledge base public is not really an option. Almost everything in there is classified and for internal use only... 

The article you shared deals with agents and Jira users, and I'm fine with that. But I still don't understand why this applies to Service Desk customers as well. How would you place this Feature in organizations that support a really large internal user base with a Service Desk Cloud instance? Maintain all leaves manually in the IM?

BR
Dirk

Like YC Lian _ServiceRocket_ likes this
Reply

Suggest an answer

Log in or Sign up to answer
Identity Manager
Atlassian Access
TAGS
AUG Leaders

Atlassian Community Events

    See all events