Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Can I have local users in JIRA cloud even though I have SAML enabled on my company.com domain?

Tony Montoya
Tony Montoya October 25, 2019

I bought Atlassian Access and I plan to integrate it into our IDP on our company.com domain.  I have a number of 3rd party vendors however, that will need to access my site that will never have a company.com email address.

 

Is it possible to have both Access.Domain.SAML users and local (non-domain) users at the same time?

Answer
Watch
Like Be the first to like this
1466 views

1 answer

1 vote
Petter Gonçalves
Petter Gonçalves
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 28, 2019

Hello Tony,

Thank you for reaching out.

The quick answer to your question is: Yes, you can have both your internal team logged with SAML and the third-party users logged with their respective Atlassian Accounts, you just need to have properly invited them to your site or configured your instance in a way they can self sign-up.

As mentioned in this thread, here's the authentication flow when you mixed those two authentication options:

  1. When you are trying to login to Atlassian Cloud, the login form asks you to enter your email address first
  2. The login form behaves based on your email address:
    • If the entered email address's domain is verified and its organization enables SAML integration, you will be redirected to the SAML IdP's form
    • If not, you will be asked to enter your Atlassian Cloud's password

Screenshot 2018-06-22 10.33.59.png

Of course, you will not be able to configure any two-step verification methods for those third-party vendors as you will do for your domain verified accounts. 

Let me know if you have any questions about the information provided. 

View More Comments
Santhosh ESS
Santhosh ESS November 20, 2019

Hi,

Is there any solution for the same problem in Jira server ?

Thanks.

Like
Petter Gonçalves
Petter Gonçalves
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 20, 2019

Hello @Santhosh ESS

Could you please give us more details of what you are trying to achieve? JIRA Cloud has its own directory on Cloud, however, JIRA Server must be integrated with an Active directory.

Can you please provide us what you are trying to achieve exactly?

Like
Santhosh ESS
Santhosh ESS November 20, 2019

Hi Petter, we are in the process of migrating all our projects to Jira data center from server. In DC, by default we got SAML plugin and we configured that in Jira with Azure AD(All our organization users are in Azure AD). It's working fine as expected. But, we also have some external users and they will not have our company email address. Now, both internal and external users should e able to access Jira:

1. External users will have to access Jira through https://myjira.in/login.jsp

2. Internal users will have to access Jira through SSO url i.e., https:/myjira/plugins/servlet/saml

We don't want to have any confusion for users and everyone should login using same url.

Please suggest a solution for this problem.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events