It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

SAML for Service Desk customers?

We are using Service Desk Cloud as an internal support tool for our company users. Most of them handle their issues by email. Some make even use out of the support portal, but most don't even know the password of their accounts. Because they have been created automatically when they sent the first email.

I would like to promote the usage of our portal, offer some confluence FAQ articles there etc. But having to sign in  is a nuicance for the customers... Now I figured out that we could use Identiy-Manager to provide single sign on even to my customers, because all have email adresses with the same (managed) domain.

After talking with Atlassian license support, I understood that in future all managed accounts (even the one for Service Desk customers) will be billed with 3 USD per user and month. We have round about 200 active users in our company and I would have to create a (billed) account for everyone (if I see that somebody joined the company)... In addition, I have no idea how to handle resigned users... They keep billed unless I disable them, but since they are not part of our team, I don't know about their leave...  In the end I will have a monthly bill of at least 600 USD that keeps growing - completeley out of my control...

Obviously I can't justify the usage of Identiy-Manager under that circumstances. Are there any alternatives to use Atlassian's cloud services and still provide a smooth experience to my customers?

Thanks a lot for your input and best regards!
Dirk

4 answers

1 accepted

7 votes
Answer accepted

Hello @Dirk Festerling, @Marthine@Danyal Iqbal and @David Miro,

I hope you are all well!

With the product Atlassian Access (Identity Manager) being generally available, some of our customers' concerns were addressed and delivered together, for example, Atlassian accounts that does not have any product license (Customer accounts) are no longer charged on the Atlassian Access billing, only agents (licensed on JSD), which means you can use SAML for them and not pay for these users, you can read more about it here:

We do still have an appropriate feature request for Jira Service Desk customers, those that you can't verify the domain. This is the feature request, please if you haven't done it yet, vote and watch it!

It's thanks to all the feedback received by you, our customers, during the Early Access Program for Identity Manager that we delivered free SAML integration for portal-only users with Atlassian accounts, it matters a lot to us that you keep participating and sharing your insights!

Thank you & best regards,

Rodrigo Becker
Atlassian Cloud Support

Hi Rod,

This makes Service Desk and SAML much more attractive for internal support teams. I appreciate this!

Thanks
Dirk

Hello Rodrigo,

Thanks for your answer on this topic/request. Will Atlassian Access only be available on Cloud or are there ways of enabling it as a service within Server/Data Center applications?

 

Kind Regards,

Stéphane

Hi Stéphane,

Great question! Unfortunately the Atlassian Access product is for the Cloud only, its features are designed to interact exclusively with the Cloud architecture, so it can't be used as a service for Server/Data Center, currently there are no plans on our roadmap to model Atlassian Access for these platforms.

Best regards,

Rod

Like Stephane Veraart likes this
0 votes

Hi, 

You can set your JIRA Service Desk portal to allow anyone raising requests from there without login.

1- Go to JSD configuration to set Customer permissions

Screen Shot 2018-02-21 at 15.04.43.png

2- In your Project setting, set the customer permissions to "Anyone...without logging in".

Screen Shot 2018-02-21 at 15.34.11.png

For the single sign-on on Atlassian Cloud, I think there is no other way than using the  Identity Managers supported by Atlassian Cloud.

You can have a look at this article, they talk about your issue regarding user and IM: https://community.atlassian.com/t5/Identity-Manager-questions/New-Support-Identity-Manager-charges-to-include-charges-for/qaq-p/699837/jump-to/first-unread-message

Hopes it will help.

Cheers,    

Adrien

Do customers count against the license like service desk agents do when using SAML? Right now I manage users via Jira user management. Right now only Service Desk agents require a license customers don't. Is it the same when using SAML access? I plan to use OKTA SAML with Jira.

Danyal Iqbal Community Leader Feb 26, 2018

Yes, customers are counted against the license just like agents when using SAML.

Hi Adrien,

Thanks for you reply! Making our Cloud Instance of Service Desk and the knowledge base public is not really an option. Almost everything in there is classified and for internal use only... 

The article you shared deals with agents and Jira users, and I'm fine with that. But I still don't understand why this applies to Service Desk customers as well. How would you place this Feature in organizations that support a really large internal user base with a Service Desk Cloud instance? Maintain all leaves manually in the IM?

BR
Dirk

Like YC Lian likes this

Hi Atlassian, 

 

I have the same request. It would be nice to create a SAML sign on / app in Okta where we can lead our internal customers to.. 

There is already one for the confluence space, the regular Jira app and Strike?! or something like that. Why not the customer portal. Or maybe im just failing to see the solution somewhere. Can you please help?

 

KR, Marthine

Agree - is there any update or workaround for this? We are trying to avoid.

 

1. Go to Service Desk

2. Type in Email

3. See 'your company uses SSO'

4. Get redirected to SSO login

5. Type in SSO login

6. Load Service Desk Home Page

Like Mason Sanchez likes this

That is reassuring.. So is their going to be a solution?

Did you ever get an answer on this one?  We are in the same situation.    

No solution and no answer, but maybe @Rodrigo Becker can provide insight into this subject.

Thanks for mentioning me here @Stephane Veraart - Really missed it!

Hello @Marthine & @Chad Mellon

Apologies for any delay to get back to you with an answer, it seems I missed to be more specific about my initial answer to all of your questions and that was my mistake, so here you go:

There is already one for the confluence space, the regular Jira app and Strike?! or something like that. Why not the customer portal. Or maybe im just failing to see the solution somewhere. Can you please help?

We feel you on this subject, but that is a limitation in Okta, our product team is already aware and works constantly together with our partners to address such problems, but ultimately, all we can do is forward customer feedback, any priorization will be done by their team, you are welcome to raise this concern with them as well for more visibility.

Thank you & kind regards

Rod

I believe this is the same issue we are up against. After many google searches and communication with Jira over this, still not sure we have a clear response.

The question above maybe the same as mine if anyone has the answer? 

`1. We would like to use Jira Service Desk for our company but internal only, therefore the portal cannot be public.

2. We would like to provide access and promote the portal by providing everyone an app in OKTA, this would be SAML

- The challenge which I can not get a clear response on. Does JIra charge for every customer using the portal when using SAML? I have had 2 different responses from support on this yes and no. 

- We have been told to turn off users are given product application access and therefore will not be counted as part of the licence. This has now been done but still trying to test if we can setup SAML and does not incur licence fee. Still to be determined.

Has anyone else managed to do this?

Hi @pbraund

Can you confirm if the accepted answer to this question covers your concerns? It references the licensing FAQ for Atlassian Access confirming that Atlassian accounts without product licenses won't be charged.

5. Are Jira Service Desk customers billable?

No, Jira Service Desk customers that submit tickets are not counted toward the Atlassian Access bill. Only Jira Service Desk Agents that log in using an Atlassian Access managed account are counted in Atlassian Access.

Apologies if the information provided to you by different engineers was not consistent, if you still have any questions, please let me know, alright?

Thank you & kind regards,

Rod

Appreciate the response @Rodrigo Becker - That is good news for us. I suppose my next question is where/how do you configure this?

@pbraund , it will be the normal flow to configure the SAML integration, all of your users that do not have any product licenses will not count for the Atlassian Access bill automatically, you can actually subscribe for the Atlassian Access trial and export a CSV from your Atlassian organization's managed accounts where you will be able to find the information if the user is billable or not.

If you need further assistance to configure the SAML integration, we support the most popular Identity Providers, this means there are Atlassian Cloud templates there, needing very minimum effort to complete the integration, we also provide information for custom integrations with unsupported Identity Providers, on this case, you can still ask for our help, our limitation is that we will not be able to assist on configurations on the Identity Provider's side, this is our main documentation, you will find specific documentation for each supported Identity Provider there:

If you face any issues or have any questions to make the integration, I'd recommend to raise a support request, since our team will need some information that should not be shared with the public, besides, I hope we can restore your faith on our support to give you consistent guidance on all your issues!

Rod

Suggest an answer

Log in or Sign up to answer
Community showcase
Asked in Atlassian Access

AMA: Cloud Identity & Security with Dave Meyer, Group Product Manager

Update: That's a wrap! Thanks so much for your questions. If you didn't make it for the live AMA, not to worry. Add your questions below and I will get to them ASAP.  Hello Atlassian Community...

1,547 views 15 9
View question

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you