Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,462,167
Community Members
 
Community Events
176
Community Groups

Multiple identity provider support now available in Cloud Enterprise

Hello Atlassian community!

My name is Sandy and I'm a Cloud Trust product marketer, focused on Security. Our team is super excited to share that after a 3-month Early Access Program (EAP) with 17 enterprise customers like yourself, we are now launching multiple identity provider support as generally available in the Cloud Enterprise edition!

MIDP_1.png

Prior to this, customers with Atlassian Access or Cloud Enterprise were only able to connect a single identity provider to implement SAML SSO and SCIM user provisioning to their Atlassian Cloud organization. Today, Cloud Enterprise customers can connect multiple identity providers, which empowers admins to:

  1. Quickly consolidate user management of an acquired company's identity provider within the parent company
  2. Maintain separate identity providers for separate departments' domains within a company
  3. Meet certain data residency requirements where each region needs its own identity provider

Beyond supporting multiple identity providers via the SAML/SCIM protocols, we also introduced several new capabilities to help enterprise administrators:

  • Set a default authentication policy as non-billable, when not synced with an identity provider
  • Connect a Google Workspace and multiple identity providers via SAML/SCIM
  • Link a domain with an identity provider to manage which authentication policy new users land in

MDIP_2.png

For more information about how to connect identity providers to your Atlassian Cloud organization, take a look at our documentation. If you're just getting started with your Cloud Enterprise plan, have a look at our guide here

Are you as excited about this feature as we are? Did you find this information helpful? Please share your thoughts below – we'd love to hear from you! Be sure to take a look at other community members' comments/questions and up-vote those you find interesting.

14 comments

Do you know when we might start to see this roll out to production, @Sandy ? I just looked at two of my orgs and neither of them have that yet. In one of them, it would be so, so helpful; G-Suite groups are rather better organized than the dumpster fire that is Okta. It would be nice to leverage that.

Like # people like this
Sandy Atlassian Team Aug 03, 2022

Hi @Mike Rathwell we appreciate the enthusiasm! We are currently rolling it out so you should see it in your cloud organizations by the end of this week.

Like Dave Liao likes this

That is awesome @Sandy ! I will watch for it and start reading docs on it here. Is there a link to "official" docs for this enhancement yet?

Like Dave Liao likes this

That's a piece of great news! This is going to be a very useful feature for Cloud Enterprise customers.

Thank you @Sandy for sharing the news and the high-level details and benefits of the feature

Dirk Ronsmans Community Leader Aug 08, 2022

Great news @Sandy !

I'm wondering tho, will this also trickly down to Premium customers with Atlassian Access?

Like # people like this

Do we know if it still requires one Atlassian instance to claim each domain?

It seems like this is saying that we can now set up SAML from both COMPANY A and COMPANY B to our single instance, but it’s not clear that it will allow us to set up domain COMPANY B  with their own Atlassian footprint (and Atlassian access) to use SSO into our tenant while retaining control and ownership of their domain to sign into their tenant.

Like # people like this
Craig Nodwell Community Leader Aug 14, 2022

Been waiting for something like this.

Like Ben Magro likes this
Ben Magro Atlassian Team Sep 06, 2022

@Dirk Ronsmans 

We made the decision to not bundle security-related features in Standard and Premium product editions. This means customers on either standard or premium can purchase Access if they require our standard security features like SSO and Audit Logging.

Anything that fits into the more Advance category of security features like Multiple Identity Providers will be packaged in our Enterprise edition as we believe this edition is the best fit for those customers.

I know this is not ideal to hear for some customers, but the decision was not made lightly. 

Ben Magro

Ben Magro Atlassian Team Sep 06, 2022

@Stefanie Sullivan 

We still require a domain claim in order to manage accounts. We have another solution that will allow external users to require 2fa coming in the future.

Like Stefanie Sullivan likes this

@Sandy We really like this feature. It might be beneficial to have this feature for non Enterprise Customers too. In Germany we find a lot SME which have not an enterprise plan or are to small to buy the enterprise plan. But these customers need this feature too. 

Otherwise its very complicated to explain the customer why they need to buy Access for SSO and also a Enterprise Plan to Upgrade Atlassian Access. This is complicated and as described above does not cover all customers. 

Maybe you can add this to Access by default or allow smaller customers to buy this feature. 

Like # people like this

@Ben Magro Will this solution be available for all customers or only Enterprise customers?

Ben Magro Atlassian Team Sep 12, 2022

@Stefanie Sullivan As stated above. Only enterprise customers.

Hi @Ben Magro

This is disappointing that this feature is only available to Enterprise customers, especially taking into consideration that the initial feature request was initiated from my team. and we were granted early access (albeit it never worked). 

I would like to understand why this feature is only made available to enterprise Customers, as we are a relatively large Atlassian consumer and we are desperate need of this functionally. We face the reality of deleting our AD Identity provider in sacrifice of another important initiative.

I look forward to your feedback.

CC: @Jaco Becker @Marco Silva 

Like # people like this

Hi @Ben Magro ,

I share the opinion of other members here.

This feature is mandatory for a lot of companies that don't need all the features of Enterprise licenses. Adding this at least in Premium plan is fore sure a must have if we want to move smoothly from Server to Cloud in a lot of cases.

Available to discuss this more in details with you for uses cases.

Best regards,

Fabrice

Like Andrei Stoica likes this

Comment

Log in or Sign up to comment
TAGS

Atlassian Community Events