Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

SAML now a paid feature

I'm seeking to clarify the recent correspondence I received regarding the change of the SAML authentication over to a paid product. According to the announcement SAML can only be used if you purchase the premium identity offering. The only functionality we use is to authenticate with Microsoft Azure AD so that users don't need to remember another password.

I've just sold Confluence to the business for about 300 users and within a few months being told this feature will almost double the cost of using Confluence (according to website pricing).

We use a number of cloud based systems and single sign-on is a key feature we look for. No other product we use charges for this feature. You could even argue it's simpler because Microsoft handles the login and management of users and passwords.

Is there a way to use SAML without needing to purchase the identity product?

10 answers

2 accepted

5 votes
Answer accepted
Rodrigo B_ Atlassian Team Jun 12, 2018

Hi Jason,

From the time you posted this question to today, Identity Manager has been launched officially and re-branded to Atlassian Access.

We heard the concerns of our customers regarding the pricing for the product during the Early Access Program and we've made solid changes to it, we'd like to ask you and other community members from this question to check again on the URL below and use the calculator from the first URL, the second URL has FAQs regarding the licensing.

As an example of the change, 2000 users would mean a bill of $ 6,000/month, now with the change the bill is $ 3,250/month, the annual licensing carries the discount equal to 2 months as well.

Additionally, administrators that used Jira Service Desk to serve internal users as customers will still be able to offer SSO for these portal-only users (Without product licenses) without cost to the Atlassian Access billing, more information below as well:

We hope that these changes will make the product more fit to your company's requirements!

Rodrigo Becker
Atlassian Cloud Support

Still way too expensive.

If you use Google, it's built in at no extra cost. Use Microsoft and you want $30 a year per user just to log in.

Like # people like this

Jira should have come with the inbuilt SSO provisioning. It is not acceptable to pay an additional fee per user to enable the SSO. 

I am a big time advocate to using Jira for all our projects for the flexibility the tool offers. Would greatly appreciate if Atlassian would consider the request and remove the fee for enabling SSO for Jira Cloud or Server.

Like # people like this

@Rodrigo B_ Could you also respond to the other comments? Like that it is still too expensive and why even use this fee?

Like # people like this

Guys, we have already started moving to other products, suggest you also start evaluating. Once you are trapped in Atlassian paid products, they will keep changing the pricing and make things chargeable. 

Like # people like this

@Sandeep Shivhare 

List of analog JIRA+Confluence + SSO?

Getting nailed with the pricing increases this last year. It's year after year that Atlassian thinks of ways of over charging customers. I'm looking to leave their solution.  When I talk to them, they simply don't care. Suggestions?

3 votes
Answer accepted

@Jason Taylor, we're also using authentication through Azure for our Cloud site.  I had the same concern as you when Identity Manager was announced in September.  We started a subscription for 2,000 users before the Cloud pricing changed in July, so for us the percentage increase is even higher -- Identity Manager actually would cost over 6 times more per year than what we paid for the Confluence licenses.  

I contacted Atlassian Support to understand our options, since we've already paid for a year of Cloud licenses upfront but we can't afford to keep using them under Identity Manager.  Unfortunately, the answer I got was that we'd either need to purchase Identity manager or to forgo the rest of our Cloud subscription and switch to Server.  I was also told that there isn't an exact release date for Identity Manager, but Cloud customers will have 30 days notice before the free SAML is discontinued.  

If you use G Suite, you might look into authenticating that way.  I was told there will still be no charge for connecting through G Suite after Identity Manager is launched.  We use G Suite, but unfortunately can't use that approach because Atlassian wasn't able to provide our security team with written documentation of how PII is managed.  

That's really disappointing for you and your company. For me it's quite embarrassing as I fought hard to get Confluence into the business when we're already paying for SharePoint and there are open source wiki alternatives.

We're in the same boat with Confluence pricing as I quickly got in an annual subscription before the licensing was increased. I was basing my calcs on the current web pricing.

That's now twice within a few months that Atlassian have decided to change the pricing with considerable increases. I'm a big fan of cloud based systems but unfortunately you are at the mercy of the vendor because it's not easy to change when you put investment into their platform. I trusted Atlassian wouldn't be that type of company but this shows otherwise.

Thanks for the tip on using G Suite but unfortunately we don't use it.

Like # people like this
Rodrigo B_ Atlassian Team Jun 12, 2018

Hi @Susan Ostreicher,

Your feedback was heard, please take a look at my answer to this question and leave your thoughts!

Thank you,

Rodrigo Becker
Atlassian Cloud Support

Thanks, @Rodrigo B_.  We actually completed our migration to Server before these changes were made to the pricing model, but that's good to know.

We were just contemplating rolling out Confluence Cloud to the whole company of about 150 users and now I discover that it'll cost $6000 a year just to let them login with their Azure AD account.

Seriously reconsidering now when you're charging such a ridiculous amount for something that every cloud system vendor I've come across provides this at no extra cost.

We are in the same boat. Having to pay this additional (and extremely expensive) fee makes the use of these Cloud tools somewhat uneconomical and so I expect we'll need to carefully consider what happens going forward. 

Sure, they offer elevated 1 hour support but the chances of actually making use of this in the Cloud are somewhat diminished given that the type of issues you see in the Cloud don't often need such a elevated response time. 

Like # people like this

Same here, completely unacceptable. Just for authentication where most of it is not even handled via Atlassian but Azure AD.

I am not sure if I am going to recommend this product to my customers anymore based on this.

Like # people like this

I'm proposing to a client to use Confluence Cloud over other solutions but now it seems I will have to recommending Confluence Server instead or possibly something else, even with the overhead of managing the server and upgrades.

Few years ago a SSO solution was valuable as a stand alone solution, now it is just expected when you buy any SAAS solution that it can integrate to other auth providers. It is not a requirement to have true single sign on, but it is standard to provide the authentication integration.

Remember many years ago when Confluence Server had a really bad integration with AD? I remember, and I also remember when they integrated parts of Crowd to Confluence Server to make that experience better. No extra charge, just user experience and user happiness was increased.

Now imagine if Confluence Cloud did not exist and only Confluence Server and that Atlassian would be ripping the AD connector out and recommend that people just fork out more money that would double their licensing cost.

Federated Authentication is not an optional extra for SAAS solution, it is a core feature. It is one of the first thing you program when creating a SAAS solution.

Like # people like this

I just recommended my customers a different product because of this. A company who charges 3 times the product cost for an essential security feature doesn't deserve any new user.  (We only wanted to use Confluence) 

We have also started evaluating other products.

Like Nicholas Geil likes this

I agree this is very disappointing.

While SSO is typically a requirement for all products we deploy, Atlassian isn't used by all employees so I would simply have to switch to password based authentication.

Unfortunately for Atlassian, this will make the experience less delightful for users.

This can only discourage uptake of Atlassian cloud products.

I would suggest selling commercial support for assisting users with SAML setup or for any troubleshooting rather than for the core SAML product; and unfortunately will be turning SSO off if we have to start paying for it.

We are also planning to turn off the SAML feature and I know this will frustrate our users. Recently we invested in an enterprise password management system and will be using this to make the transition to a unique password easier for our users.

Guys, we have already started moving to other products, suggest you also start evaluating. Once you are trapped in Atlassian paid products, they will keep changing the pricing and make things chargeable.

My company was just in the process of testing JIRA Cloud and this was one of the first issues i have run into. We also use Azure AD and I use this for plenty of other services, free of charge. There is no reason this should be a paid feature and if we really want to move to the cloud this would be a necessary component. 

Hello Jason,

What announcement are you referring to?

@Lars Olav Velle - most likely this refers to Introducing Identity Manager for Atlassian Cloud products:

Atlassian Cloud customers have received an email "Updates to password policies & Atlassian Cloud administration", advising them now being part of the early access program and thus able to continue Identity Manager's "Enhanced authentication for Atlassian Cloud products" at no charge, whereas "once generally available, you'll be charged for the unique number of users within your organization" (which comes at a premium of $3 user/month).

In other words, Atlassian will indeed charge separately for security features that most other SaaS providers offer as a core part of their product, and have apparently also decided to take away the formerly free password policies to increase the value add of this new offering.

Being an Atlassian Cloud customer myself, I've admittedly been offended by this approach, because the communication seemingly tries to mask the fact that these "Updates to password policies" imply a considerable price hike for current users of this feature.

Besides, I personally think security should never be a feature one has to pay for in the first place (esp. on a multi tenant SaaS platform) and am saddened to see that Atlassian is missing out on the opportunity to lead by example and put the security of their customers first on principle.

Correct, this is the announcement.

Agree with your point on security is not something you should pay extra for. I would even argue that using Azure AD is less work for Atlassian because all user registration, password resets and logins are handled by Microsoft and Atlassian only need to validate the token and what the user is authorised to do.

Like # people like this

We've received an email from Atlassian product advocate in regards to Atlassian Access

Billing and Licensing specialists, and the Atlassian Access team about the situation with your organization account and subscription. Your evaluation of Atlassian Access ended on August 15th, 2018, but there is a grace period of 14 days after your evaluation expires, where SAML SSO with Okta will still function.

We are trying to get a clarification from Atlassian on Access product if this is an Identity Provider type of product and if we are required to pay for the license if we use Atlassian JIRA product as an application. Atlassian JIRA is a Service Provider (SP) in SAML flows with Okta (IDP), which is the Identity Provider in the authentication flows with Atlassian JIRA. 

Could Atlassian Access team comment on this?

Thanks,

What about using this Microsoft Plugin: https://docs.microsoft.com/de-de/azure/active-directory/saas-apps/confluencemicrosoft-tutorial

 

I currently can't try it as I think you need Azure AD P1 license for that.

Hi @Hendrik Nehnes

the plugin you are referring to is not for the Cloud Products. Atlassian Access however is only for Atlassian Cloud. 

So it's two different things.

Cheers,
    Christian

Like Mahesh Kallepalli likes this

Is there any other option for SSO for Jira Cloud with out Atlassian Access.

Hi everybody,

Is there a free option for SSO on JIRA server (7.2)? I've only found paid plugins.

Thanks

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Confluence

What do you think is the most *delightful* Confluence feature? Comment for a prize!

- Create your own custom emoji 🔥 - "Shake for Feedback" on mobile 📱 - An endless supply of GIFs via GIPHY 🤩 Is there anything quite as nice as a pleasant surprise? Comment below with what...

408 views 23 8
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you