You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
Product settings for authenticating portal-only customers via SSO (aka external customer SSO)
Jira Service Management and Atlassian Access are extending their capabilities to support single sign-on for portal-only customers. This solution is designed to help users outside of your business leverage the authentication credentials you already have for them.
This project is a commitment on our public roadmap for delivery in Q3 of 2023. We are aiming to start an Early Access Program (EAP) in Q3 2023 which will provide access to a small group of customers to provide feedback on the experience. Please reach out to your account representative if you are interested in participating in the EAP. Unfortunately, we cannot guarantee a place for all customers who express interest in the EAP.
Our first release will bring SAML SSO capabilities for Jira Service Management portal-only accounts, followed by a future release of SCIM user provisioning for Jira Service Management portal-only accounts. The SAML-based solution will allow organizations to connect a separate identity provider (e.g. Okta) through Atlassian Access. The users in that directory can be used to authenticate access to the associated Jira Service Management Help Centre. Administrators will have the option to enforce SSO for external customers.
You may be familiar with the domain verification and user claim steps to successfully set up Atlassian Access for your managed users. To support SAML SSO for Jira Service Management portal-only accounts, you do not need to verify any domains or claim any users. This means users with public email domains (e.g. gmail.com) will be able to authenticate and sign-in.
Your customers visiting the Help Centre will be prompted to enter their email address. They will then be redirected to your connected identity provider for authentication before returning to the Help Centre. If a customer already has an authenticated session with the identity provider (e.g. following a link from within an authenticated environment), they can be recognised by the Help Centre and bypass the login experience.
The solution will be packaged as a part of Atlassian Access. This is how it will work:
If you do not have Atlassian Access, you need to subscribe to Atlassian Access to use SSO for portal-only customers. Portal-only customers are free and do not count toward licensed users for Jira Service Management. You only pay for licensed users (Atlassian account with product access). See support documentation for more information.
If you have Atlassian Access already, you don’t incur extra costs adopting SSO for portal-only customers.
If you are interested in joining the EAP, please leave a comment below, or reach out in our feature request ticket.
If you meet the following criteria and are interested in early access please send an email to: firstname.lastname@example.org
Group Product Manager, Jira Service Management
14 accepted answers