Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira Service Desk Cloud SSO tie in to cognito without verified domains

Kevin Goodman
Kevin Goodman
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 24, 2019

We are creating a customer portal in drupal and using the AWS Cognito SAML/SSO service as our authorization. These same customers will be asked to create support tickets in Jira Service Desk.

As part of this effort we'd love to use cognito as the authorization agent for Jira Service Desk. However my research has implied that this is not possible.

I found that the APIs required to do authentication are no longer supported:

https://developer.atlassian.com/cloud/jira/platform/deprecation-notice-basic-auth-and-cookie-based-auth/.

And that the recommended solution is now 'Atlassian Access'. However access works only with verified domains. https://confluence.atlassian.com/cloud/saml-single-sign-on-943953302.html
..."SSO allows a user to authenticate once and then access multiple products during their session, without needing to authenticate with each of those. Note that SSO will only apply to user accounts from your verified domains. "

As our customers are from various other companies we will never, nor could we, have their domains as verified domains.

Is there any solution or option that I'm overlooking to tie in our service desk to our cognito SAML solution? or even some other generic SSO provider? (without verified domains)

It seems like we're stuck just using direct sign in. Would love some ideas or someone to point out something I overlooked.

Thank you.

 

Answer
Watch
Like Be the first to like this
2580 views

1 answer

1 accepted

1 vote
Answer accepted
Angélica Luz
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 25, 2019

Hello Kevin,

Thank you for getting in touch with Atlassian Community!
To be able to use SAML with your Cloud instance there are some steps that you need to follow and it includes to verify the domain to prove that you own that domain. It's not possible to bypass this verification to allow them to log in using SSO.

These are the three steps that you need to follow to get users to log in using SSO:

- Set up an Atlassian organization
- Verify a domain for your organization
- SAML single sign-on

Regards,
Angélica

View More Comments
Kevin Goodman
Kevin Goodman
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 25, 2019

Thanks for the response Angelica.

I was trying to imply with my question that I understood that and I'm hoping I was wrong.

Where would be the best place to put in a feature request for this?

I understand that it's currently not the intended behavior and not possible. However with many customer using service desk to support their customers that are coming from external businesses (AKA unowned domains), it would make sense to consider supporting SSO solutions where email addresses come from different domains.

Thank you for your help.

Kevin

Like
Angélica Luz
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 30, 2019

Hi Kevin,

You can create a feature request on jira.atlassian.com on the project CLOUD, because it applies to Jira and Confluence.
The only feature that may be related to what you need is JSDCLOUD-630, but in this case is for customers and not users.
Please, feel free to raise a feature request adding the details about why this feature is important for you.
If you have any other question, please let us know.

Regards,
Angélica

Like
Florian Edian
Florian Edian
Contributor
October 17, 2019

Hi Kevin,

We currently facing a similar issue. I was just wondering if you had reach this suggestion to Atlassian or not?

Regards,
Florian

Like Eric Haskett likes this
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events