Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Unknown persons entering our cloud site- how to secure?

On our cloud location a few unknown persons entered,  which were self-created and counted as users. These were from 2 different domains

The persons themselves we re not aware (they were in the domain which was defiend, but were not invited and did not have any stake in the project).

with 1 'unwanted'user i found out how it happened:

******quote

Hi Getjan,

Apologies for the issue. I was attempting to log into my corporate site but was redirected to the standard Jira log in. It had been a while since I had logged in, so I accidentally went to the wrong login (standard login rather than our corporate login). Once I chose Access Using Company, I had the option to choose two groups. This was odd to me but as I have recently returned from an extended leave, and our login is all controlled by our corporate account, I thought perhaps I had to reregister. Once I logged in using my corporate email, I was redirected to an admin screen to choose which group I wanted to log in with. I chose the available group, but it redirected me to your site. As soon as I realized this occurred, I immediately logged out. If you would like to remove me from your site, that would be great. Our email accounts apparently allow access to your site if we register using our corporate account.

******unquote

 

How can we secure this that corporate users are offered only their corporate accound?

 

1 answer

1 accepted

0 votes
Answer accepted

Hello @Friendly Giant,

Thank you for reaching out to Atlassian Community!

On Cloud sites, it’s possible to allow people to create accounts. You can allow specific domains, any domains, or no domain. 

To check if your site is open for people to create accounts, please go to Cog icon > User management > Site access. 

Screen Shot 2021-04-15 at 14.50.19.png

Testing here, it doesn’t seem that it’s open.

Once I chose Access Using Company, I had the option to choose two groups.

I believe that they are talking about admin.atlassian.com and the groups are the same as organizations. 

On your site, I can see only one user with a different domain.

Also, another thing I saw is that, you are Org admin of two Organizations and one of them has two other users with a different domain. If that was the case, they don’t have access to your products because the products are under another organization.

If you still have their contact, if possible, confirm with them what page they were redirected to. If possible, share with us a screenshot, just make sure to hide private information.

Kind regards,
Angélica

Mil Gracias Angélica for feedback, there is no real break because i remoived them;  but i wanted to know how this came about and whether it is expected behavior; which is the case here. . ✨🎈

Like Angélica Luz likes this

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Atlassian Access

See Atlassian Access in action - Live Demo

Did you know Atlassian Access offers more than SAML single sign-on for Atlassian cloud products, like Jira and Confluence? Whether you're just starting to plan for your organization or in the pr...

98 views 0 3
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you