Atlassian Cloud provisioning via Okta

Pradeep Nene August 16, 2022

We have provisioned Atlassian Cloud via Okta. But users don't get access to Jira & Confluence when we add users to groups provisioned with Atlassian Cloud access. Every time we have to manually update the settings for individuals to get them access. Is there any way users get access to Jira & Confluence once they are added to the groups in Okta which have been added to the Atlassian Cloud application.

1 comment

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 16, 2022

How have you set up the Atlassian Access to work with Okta?

Pradeep Nene August 18, 2022

As mentioned above, Atlassian Cloud is provisioned via Okta for users. Users do get assigned with the application, but are unable to access Jira or Confluence, until we manually enable the toggle "Has access to site" for Jira & Confluence under User Management >> <username>

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 18, 2022

As mentioned above, we need to know how you have set up Atlassian Access to work with Okta.

Pradeep Nene August 18, 2022

@Nic Brough -Adaptavist- Okta-Atlassian is connected with the API integration using the API token.

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 19, 2022

Yes, that's a way to do it, but please could you explain how Atlassian Access is set up with your Okta?

Pradeep Nene August 29, 2022

@Nic Brough -Adaptavist- In Okta groups have been assigned applications like Atlassian Cloud. The users are added to respective groups and this is how the application gets provisioned to the user.

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 29, 2022

How have you set that up in Atlassian Access?

Pradeep Nene August 29, 2022

@Nic Brough -Adaptavist- I am not sure about this. Do you mean we need to create Groups with similar names (as in Okta) in Atlassian as well?

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 29, 2022

That's what I'm asking you - how are you provisioning the groups and users from Okta through Atlassian access?

Pradeep Nene August 29, 2022

@Nic Brough -Adaptavist- we have created groups only only in Okta and assigned Atlassian Cloud application to these groups. There are no corresponding groups in Atlassian. There are only default access groups in Atlassian. I have attached a screen shot for your reference:image (16).png

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 29, 2022

But how are you connecting Okta to Atlassian Access? 

Sorry, I'm being a bit "broken record" on this, but it seems like you are missing something.  The only way to use Okta as a user directory for Atlassian Cloud is to connect it though Atlassian Access.  

Pradeep Nene August 29, 2022

@Nic Brough -Adaptavist- does Okta need to be in the "Connected apps" list:

image (17).png

Pradeep Nene August 29, 2022

@Nic Brough -Adaptavist- my apologies for being naïve, but I am a Admin who is also learning on the go and this integration was already implemented before I took over.

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
August 29, 2022

No, Okta needs to be connected to Atlassian Access.

Pradeep Nene August 29, 2022

This is what I see in the Integration tab for Atlassian Cloud in Okta:

image (18).png

Under the Sign On page, sign on method is SAML 2.0 - Default Relay State

Pradeep Nene September 1, 2022

@Nic Brough -Adaptavist- "Okta needs to be connected to Atlassian Access" - does that mean I need to integrate Okta with another application called Atlassian Access instead of Atlassian Cloud?

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
September 1, 2022

Yes.

Cloud has three options for user accounts - it can do them with Atlassian Accounts (like the one you are using to post here), or with Google Accounts, or with Atlassian Access.  

Atlassian and Google accounts can be made to work with Okta's SSO, but it's not a direct link into cloud and Okta does not provide the Atlassian or Google account to Atlassian Cloud.

Atlassian Access does take the accounts from Okta (it has lots of other options as well - Active directory, LDAP, etc),

So if you want to "provision" your Cloud accounts from Okta, you have to do it via Atlassian Access.

Like Pradeep Nene likes this
Pradeep Nene September 2, 2022

@Nic Brough -Adaptavist- thanks for your help. I will check this out.

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events