Are we able to configure SAML SSO for a specific Atlassian application?

Neo Ze Yuan Matthew January 14, 2021

For illustration purposes, we have a user1 that is granted access to Jira and another user2 that is not granted access to Jira but is granted access to Confluence. The organization that these two users are employed with are using Okta as an IAM solution that will enable SAML SSO for Jira application users (user1) ONLY.

Due to the requirement above, user1 will be assigned the Atlassian application to follow the SAML SSO login workflow but user2 will not be assigned any Atlassian applications. As such, user2 will not be able to login to Confluence by:

1) Logging into Okta as no Atlassian applications are assigned to user2; or

2) Directly logging in through the Atlassian Login page as this will trigger SP-initiated SSO which brings user2 to Okta where no Atlassian application is assigned to the user.

Are there any configurations that we can perform on Atlassian that can allow user2 to access Confluence without having to be redirected to Okta, perhaps through a customization of separate login pages? If not, any alternative options are appreciated. 

1 comment

Ankit
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
January 14, 2021

Hi Neo,

Can you please confirm whether you're using any app or Atlassian's inbuilt sso?

Thanks,

Ankit

Neo Ze Yuan Matthew January 15, 2021

Hey Ankit,

Correct. I am currently using the inbuilt SSO on Atlassian Cloud. 

Thanks for the reply,

Matthew

Ankit
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
January 15, 2021

Atlassian's inbuilt SSO doesn't provide feature to enable SSO for a set of users logging in through credentials and others through Okta. This is because the SSO feature is mainly there for your organization users and it assumes that all the users of the organizations will be using SSO.

Thanks,

Ankit

Neo Ze Yuan Matthew January 17, 2021

Thanks for your reply, Ankit.

I would like to know if we can customize the Atlassian Cloud tenant such that users can be brought to separate login pages depending on the application that they want to access. This way, we can configure SAML SSO for just the Jira login page.

Thanks,

Matthew

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events