How can I manage users from two products in a single user management system?

Jason Huntowski April 24, 2024

Hello Community! I am admittedly lost in some of the Atlassian products. I manage a Jira Software Data Center Environment and am currently rolling out a Confluence On-Prem (server?) environment. This is NOT cloud...I understand the answer for cloud. My question is, for on-prem applications, is there a product that will let me manage access for both Jira Software and Confluence from a single user account/user management screen? Similar to what Cloud has built in inherently. I assume it's either Crowd or Access...or nothing. Adding a layer of complexity, I am already using OKTA for auth and access. Almost wondering if an intergation could be made with OKTA so I don't even have to manage users in JIra or Confluence at all? Sorry for the rambling, but if anyone has any ideas, I would be grateful.

2 answers

0 votes
Robert Wen_ReleaseTEAM_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
April 24, 2024

OK, here are some options you have.

1. Set up your User directory in Jira (internal or synced with LDAP).  On Confluence, set up your Confluence users to authenticate using your Jira directory on you Jira instance.

2. Crowd

3. If you're going to use Okta, you'll need to get the Marketplace apps that handle SAML SSO.  Here's a query on the Atlassian Marketplace that should help. https://marketplace.atlassian.com/search?query=saml

Good luck!

0 votes
Matt Parks
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
April 24, 2024

I haven't used OKTA, but Jira and Confluence both have a built-in Integration with LDAP, which is the way that we use it at my org. It's relatively straightforward and you can set up user/group filters so you only pull in the users/groups from LDAP that you actually care about (so you don't have to pull in every user from your org).

If you go that route, my recommendation is that you have a dedicated AD group for your Jira admins and another dedicated group for your standard users.

You can even set up additional groups to provide read-only/limited access on a project-by-project basis using permission schemes, if you want, so it's pretty flexible.

Suggest an answer

Log in or Sign up to answer