Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to control access of a user to different cloud sites?

Andre Xavier Costa
Andre Xavier Costa September 5, 2024

I had connected Azure AD to our organization, and I have 2 cloud sites (expanding to a third soon). When I configured de "All members of directory - xxx" group (created by the connection of Azure AD) to access my 2nd cloud site, I haven't seen a way to control which cloud site that a particular user can access. Per default, users can access all cloud sites indistinctly.

Could you please point me out to documentation on how I can accomplish that?

Answer
Watch
Like Be the first to like this
122 views

1 answer

0 votes
Marc - Devoteam
Marc - Devoteam
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 5, 2024

Hi @Andre Xavier Costa 

As you are on a standard plan per site, Each site has its own management.

If you connect your AD to each site and that group is granted access by default in the products on the site, you will have to organize it in the management of the site.

Only if you have an enterprise subscription, you can have multiple sites in one organization.

View More Comments
Andre Xavier Costa
Andre Xavier Costa September 5, 2024

Hi @Marc - Devoteam , thank you for your quick reply! Just to make it clear though:

  • On a standard plan, I can have multiple sites but managed but its own or cannot have multiple sites at all?
  • So to allow/deny access of a particular users on a site, I need to go to each site directory and enable/disable the button "Have access to this site?"? 

Many thanks btw!

Like
Marc - Devoteam
Marc - Devoteam
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 5, 2024

Hi @Andre Xavier Costa 

To get the terminology clear, if you spin up a Cloud instance you have a created on organization (site) at Atlassian based on your plan (free, standard, premium or enterprise)

So if you have Jira and Confluence, on a plan (free, standard or premium), you have a single instance option for all products.

If you have multiple Confluences and not on Enterprise tier, they all have their own organization and management section, you will have to connect each site to your AD.

In an Enterprise plan you have a single organization, but you can have multiple product instances in the same organization.

e.g. 3 Jira's, 4 Confluences and you can connect those via a single SSO AD setup and manage all the instances

Like
Andre Xavier Costa
Andre Xavier Costa September 6, 2024

Hi @Marc - Devoteam

Yes, this terminology can be quite tricky.

On documentation [https://support.atlassian.com/provisioning-users/docs/understand-user-provisioning/], at sections entitled "How user provisioning works" and "Your organization’s directory syncs to all associated sites", it shows one identity provider for multiple cloud sites; it does not specify a specific plan (such as standard or premium), so I assume it is valid regardless.

You're stating that I should have (for standard plan), one identity provider for each cloud site? Or within a single identity provider, I'd have one SSO AD setup for each cloud? Or anything other than that? 

Like
Marc - Devoteam
Marc - Devoteam
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 9, 2024

Hi @Andre Xavier Costa 

Yes for an organization, but on non enterprise tier you have single Jira instance in your org.

That org needs to be connected to your IDP.

Your other Jira is in a different org, right? So you need to connect that org also to your IDP.

etc..

There is no sync.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

    See all events