We have started to look at the required migration of our Atlassian products to the Atlassian Accounts IDP. The documentation is a little unclear on exactly what will happen in our circumstances.
We currently use Okta Single Sign-on for StatusPage and non-Enterprise accounts for BitBucket. The documentation seems to indicate that when the migration is complete, there will be NO IMPACT to the experience for any user. They will not have to do anything different than they are already doing to get into your cloud products.
Is this a correct statement? After I (the owner/admin) click the “claim accounts” link in the Accounts admin console and connect Okta SSO; the users will not even know anything happened?
The other bit they will see is that authentications are going through Okta. Additionally, they will have to be assigned Atlassian Cloud in Okta to gain/regain access.
We figured as much. This might be a little fun, because we have different user lists for different products. Once we flip the switch, are we able to allocate users to different apps (StatusPage, etc.) so we are not paying for licenses we do not need?
The most annoying thing I have found about Atlassian Access is that it is very easy to select humans that ARE a thing but I can't get the inverse of that to use for a bulk turn off/turn on/whatever.
The big change here is, from the Okta side, you configure to Atlassian Cloud (singular) but IN Atlassian Cloud is where you need to set up product access. If you can, I would recommend building some groups you can rule around for who gets what thing.