We use Okta for federated logins to all Atlassian products. Now we have to add some external users who will have access to only 1 project in Jira and 1 space in Confluence. These users may have their own Atlassian identities. Lets say our company is acme.com and the external user's company is example.com, and the external user's company has validated example.com, if I add them to acme.com's Confluence, would they be considered external users by default?
Is there any way to enforce that these users now have to go through our Okta validation (for acme.com) in addition to logging in to their own IDP (on example.com)?
The help article is not clear about some of these aspects.