You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
Thank you for your engagement on our last update. Based on your feedback, we would like to provide more detail on the following topics:
Security considerations underlying custom domains and how they contribute to the two-level domain requirement
Support for URL redirects, which will provide more flexibility and address most limitations of the two-level domain
The security of our customer’s data is always the top priority at Atlassian. When it comes to custom domains, having a two-level domain plays a critical role in making our solution resilient to potential man-in-the-middle (MITM) attacks.
Atlassian’s platform is designed to be open and allow all Atlassian accounts to collaborate across our products and the organizations using them. Therefore, our approach to custom domains needed to be secure, while supporting our multi-tenant SaaS architecture and global user accounts. This means we prioritized capabilities to detect, contain, and control individual user authentication sessions. By detecting threats using a more “prescriptive” URL structure, including reserved keywords, we fortify our threat detection efforts.
We understand the concerns about the convenience tradeoff of the two-level domain requirement, but security of customer data is our highest priority.
To ensure customers have full flexibility, we support URL redirects, which allow you to create links with a shorter, fully customizable base URL. In this case, you can utilize a redirect to redirect your users to the secure URL.
The link your customers will visit, the one you will use in marketing material for your Help Center.
The link your customers will see in their browser after they arrive.
Thank you for your patience and partnership. We continue to look for ways to improve Atlassian admin and end user usability without compromising security.
Stay tuned as we prepare to begin our early access program for custom domains. We remain on track for delivery this year.