Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Security Setttings for Users from a non managed domain

Hi, i have configured Atlassian access and claimed my company's managed domain, all working great with SSO.

Using Jira and Confluence.

However we have around 30% of the users who are from non managed domains external to our own. I cant find where to set password settings to enforce access limitations. It seems the only place i can only applies to our managed users.

Documentation doesn't seem to match new admin skin and menu options.  I would appreciate any assistance. 


2 answers

I can understand if a user is logging in using another identity provide i.e., "Continue with Microsoft". What I can-not fathom is not having control over the password polices for users who are setting a password that is being stored at Atlassian identity provider. Especially since account minimum passwords are 8 characters and Atlassian does not enforce any other requirements around resets or expiration. This is completely unconscionable and needs to be addressed immediately and not in the next 12 to 18 months.

Dave Meyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Mar 04, 2022

Hi @WPG ,

We've made quite a bit of progress since my comment from 18 months ago. The guidance on our public roadmap for this capability is Q2-Q3 of calendar year 2022.

 @Dave Meyer    I don't see any updates on the roadmap, can you provide specific details? Also note I am unable to find a means to list the unmanaged users. Can you direct me there as well.

Like Tim Lloyd likes this
Dave Meyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Jun 24, 2022

@kurby we renamed the item on our roadmap to be more clear, apologies that the original link no longer worked. Attached is a screenshot from the roadmap as of this month. We suffered some delays as we focused portions of our team on reliability improvements and are currently expecting to offer an initial solution towards the end of this calendar year.

Screen Shot 2022-06-24 at 1.10.25 PM.png


There is not currently a way to explicitly see a list of all "unmanaged" users in your organization. We define an "unmanaged" user as a user who has access to one of your Jira or Confluence product that is not a managed account. There are instructions here for exporting users with product access to one of your products, and from that point you can filter out the users that are managed accounts based on their email address.

Like Tim Lloyd likes this
Like Tim Lloyd likes this
1 vote
Dave Meyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Aug 02, 2020

Hi @Tim Lloyd ,

Unfortunately we currently don't provide any capabilities for enforcing security policies on unmanaged users (especially since those users could be on domains managed by another organization enforcing their own security policies).

We're aware of the issue and we do plan to introduce some capabilities here in the next 12-18 months. You can track for updates.


Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events