SAML now a paid feature

I'm seeking to clarify the recent correspondence I received regarding the change of the SAML authentication over to a paid product. According to the announcement SAML can only be used if you purchase the premium identity offering. The only functionality we use is to authenticate with Microsoft Azure AD so that users don't need to remember another password.

I've just sold Confluence to the business for about 300 users and within a few months being told this feature will almost double the cost of using Confluence (according to website pricing).

We use a number of cloud based systems and single sign-on is a key feature we look for. No other product we use charges for this feature. You could even argue it's simpler because Microsoft handles the login and management of users and passwords.

Is there a way to use SAML without needing to purchase the identity product?

2 answers

1 accepted

3 votes
Susan Ostreicher Community Champion Nov 10, 2017

@Jason Taylor, we're also using authentication through Azure for our Cloud site.  I had the same concern as you when Identity Manager was announced in September.  We started a subscription for 2,000 users before the Cloud pricing changed in July, so for us the percentage increase is even higher -- Identity Manager actually would cost over 6 times more per year than what we paid for the Confluence licenses.  

I contacted Atlassian Support to understand our options, since we've already paid for a year of Cloud licenses upfront but we can't afford to keep using them under Identity Manager.  Unfortunately, the answer I got was that we'd either need to purchase Identity manager or to forgo the rest of our Cloud subscription and switch to Server.  I was also told that there isn't an exact release date for Identity Manager, but Cloud customers will have 30 days notice before the free SAML is discontinued.  

If you use G Suite, you might look into authenticating that way.  I was told there will still be no charge for connecting through G Suite after Identity Manager is launched.  We use G Suite, but unfortunately can't use that approach because Atlassian wasn't able to provide our security team with written documentation of how PII is managed.  

That's really disappointing for you and your company. For me it's quite embarrassing as I fought hard to get Confluence into the business when we're already paying for SharePoint and there are open source wiki alternatives.

We're in the same boat with Confluence pricing as I quickly got in an annual subscription before the licensing was increased. I was basing my calcs on the current web pricing.

That's now twice within a few months that Atlassian have decided to change the pricing with considerable increases. I'm a big fan of cloud based systems but unfortunately you are at the mercy of the vendor because it's not easy to change when you put investment into their platform. I trusted Atlassian wouldn't be that type of company but this shows otherwise.

Thanks for the tip on using G Suite but unfortunately we don't use it.

Hello Jason,

What announcement are you referring to?

@Lars Olav Velle [Kantega Single Sign-on] - most likely this refers to Introducing Identity Manager for Atlassian Cloud products:

Atlassian Cloud customers have received an email "Updates to password policies & Atlassian Cloud administration", advising them now being part of the early access program and thus able to continue Identity Manager's "Enhanced authentication for Atlassian Cloud products" at no charge, whereas "once generally available, you'll be charged for the unique number of users within your organization" (which comes at a premium of $3 user/month).

In other words, Atlassian will indeed charge separately for security features that most other SaaS providers offer as a core part of their product, and have apparently also decided to take away the formerly free password policies to increase the value add of this new offering.

Being an Atlassian Cloud customer myself, I've admittedly been offended by this approach, because the communication seemingly tries to mask the fact that these "Updates to password policies" imply a considerable price hike for current users of this feature.

Besides, I personally think security should never be a feature one has to pay for in the first place (esp. on a multi tenant SaaS platform) and am saddened to see that Atlassian is missing out on the opportunity to lead by example and put the security of their customers first on principle.

Correct, this is the announcement.

Agree with your point on security is not something you should pay extra for. I would even argue that using Azure AD is less work for Atlassian because all user registration, password resets and logins are handled by Microsoft and Atlassian only need to validate the token and what the user is authorised to do.

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Published Thursday in Confluence

Color tables for a shiny Confluence page

...; ## Developed by: Alana Fernando ## Shared with love ## @param style:title=style type|type=enum|required=true|desc=Choose a style.|enumValues=Style1,Style2,Style3,Style4,Style5 ## @param alignment:title...

200 views 10 14
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you