Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

SSO implementation is too restrictive

We are currently self-hosting Service Desk as part of a portfolio of services to staff and external customers. All of the services support SSO and we are using Auth0 to act as the IdP.

Everyone logs in with their own email address. We create accounts on Auth0 with those email addresses.

With the retirement of the Server range, we've been looking at migrating to Atlassian Cloud but there is one massive brick wall in our way: SSO only works for verified domains.

That simply isn't going to work for our setup because customers can register with any email address they like and we literally cannot verify all domains.

As a result, if we were to migrate to Atlassian Cloud, Service Desk (Service Management) would be the only service in our portfolio that didn't support SSO.

This seems to be down to how Atlassian Access has been built and, at one level, I think I understand it because it means that once I've added Atlassian Access and verified a domain and configured SSO, I can then log on to any Atlassian Cloud product that I have access to - even if it is owned by another Atlassian customer - and I will be logged in with SSO.

But, with the way things stand, I cannot see a solution to this other than moving to a competitive ticketing system. It isn't a decision I want to make, which is why I've started this discussion. I'm hoping that someone can suggest a solution that would allow us to use Atlassian Cloud and allow customers with any email address log in with SSO.


0 answers

Suggest an answer

Log in or Sign up to answer

Atlassian Community Events