We have different teams in organization using bitbucket. They all have different Bitbucket licensed accounts and managed separately. Team members are invited/ added to the corresponding repos by sending email invite to their official email addresses.
Bitbucket account 1 : firstname.lastname@example.org
Bitbucket account 2: email@example.com
Bitbucket account 3: firstname.lastname@example.org
Bitbucket account 4: email@example.com
We want to enable SSO for only two of the above accounts, let's say (firstname.lastname@example.org, email@example.com) and keep rest of these account's login mechanism using official email ID and password. We do not wish to club these accounts together and each of them has separate admin.
In Atlassian Access we need to specify and verify the domain (someorg.com). Will enabling the SSO affect all the accounts mentioned above. Or SSO will be enabled to a particular account(s) for which we will change the settings. Also if we want to enable SSO for two of the above accounts, how can we do that as admin of these accounts are different and Atlassian access is added at particular account level.
Hi, @akshay sharma, thank you for reaching out to Atlassian Community.
If your organization is managed with Atlassian Access, you can set 2 different authentication policies for your organization, one that enforces SSO for these 2 users, and another that doesn't enforce the SSO for the other users, like this:
An Organization admin can change the authentication policy for these accounts. In order to do that, they can follow the next steps:
Go to admin.atlassian.com. Select your organization if you have more than one.
Select Security > Authentication policies.
Select Add policy to create a new one.
I hope this helps, but please feel free to share any additional questions or concerns regarding this case.
Hi @Caroline R,
We do not have Atlassian Access setup as of now, we were trying to set it up. While doing so, we realized that we have a separate "n" number of Bitbucket licensed accounts (different owners/ admins) managed separately.
If I buy an Atlassian access account it will be applicable to the said account and not others, despite the other accounts using corporate email ID as their username.
Please correct me if I am wrong in understanding this.
Hi @akshay sharma,
The Atlassian Access will be applied to the accounts under your verified domain. So if you have users on your Bitbucket workspace that are not under this domain, they won't be affected by Atlassian Access.
You can read more about this subscription here:
Let me know if you have any further questions.