You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
On our cloud location a few unknown persons entered, which were self-created and counted as users. These were from 2 different domains
The persons themselves we re not aware (they were in the domain which was defiend, but were not invited and did not have any stake in the project).
with 1 'unwanted'user i found out how it happened:
Apologies for the issue. I was attempting to log into my corporate site but was redirected to the standard Jira log in. It had been a while since I had logged in, so I accidentally went to the wrong login (standard login rather than our corporate login). Once I chose Access Using Company, I had the option to choose two groups. This was odd to me but as I have recently returned from an extended leave, and our login is all controlled by our corporate account, I thought perhaps I had to reregister. Once I logged in using my corporate email, I was redirected to an admin screen to choose which group I wanted to log in with. I chose the available group, but it redirected me to your site. As soon as I realized this occurred, I immediately logged out. If you would like to remove me from your site, that would be great. Our email accounts apparently allow access to your site if we register using our corporate account.
How can we secure this that corporate users are offered only their corporate accound?
Hello @Friendly Giant,
Thank you for reaching out to Atlassian Community!
On Cloud sites, it’s possible to allow people to create accounts. You can allow specific domains, any domains, or no domain.
To check if your site is open for people to create accounts, please go to Cog icon > User management > Site access.
Testing here, it doesn’t seem that it’s open.
Once I chose Access Using Company, I had the option to choose two groups.
I believe that they are talking about admin.atlassian.com and the groups are the same as organizations.
On your site, I can see only one user with a different domain.
Also, another thing I saw is that, you are Org admin of two Organizations and one of them has two other users with a different domain. If that was the case, they don’t have access to your products because the products are under another organization.
If you still have their contact, if possible, confirm with them what page they were redirected to. If possible, share with us a screenshot, just make sure to hide private information.