Jira Service Desk not utilizing SAML


I am on Jira Service Desk in the cloud. When I turn SAML on it functions properly when going to the primary Atlassian screen. However, it does not affect the customer’s portal.

Customers are still able to log in using their Jira username and passwords. But, our customers are employees of our business, and we would like to add JSD to their OKTA profile.

Have I missed a setting or has SAML not been implemented for JSD?


1 answer

1 accepted

1 vote
Accepted answer

I placed a support ticket about this and received the following answer.

Thanks for contacting Atlassian Support

Generally speaking, JIRA Users and Service Desk customers authenticate on JIRA via distinct ways. While JIRA Users require an Atlassian Account, which is basically the Atlassian SSO that login users via id.atlassian.com and redirects the session to the desired application, Service Desk customers authenticate directly against JIRA and are not routed via id.atlassian.com. As your SAML is probably to id.atlassian.com, it is very likely that SD Customers will not be able to authenticate via your SSO.

To workaround that, you may want to "convert" your user's account to an Atlassian Account. That will turn SD customers into regular JIRA users but without applications access. That way their login path will be the same as any other JIRA user but they will only have access to the Service Desk Portal.

How to convert Portal Customers to Atlassian Account

  1. Click on the cog icon > User Management
  2. On the left panel, look for "Application Access". In the top right corner, click on "User defaults" and untick all the access boxes. (This is to prevent users from having unwanted access)
  3. Click on "Portal only customers"
  4. Find whoever you want to convert and click on them.
  5. Finally, click on "Convert to Atlassian Account" and accept.

I have a question regarding SAML with Jira. How do customers and service desk agents get counted against license? do they all use license or only service desk agents? Right now I manage user via Jira and only service desk agents count against the license. Customers don't need license. Curious if the same with SAML access. Please advise. 

I just submitted a request for this to Atlassian support. Is there a way to automate this? We want all of our internal portal only customers to be redirected to our SAML ID provider. 

If I understand the prompts, when I manually convert an account it loses access to prior issues they submitted.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Jan 08, 2019 in Jira

How to Jira for designers

I’m a designer on the Jira team. For a long time, I’ve fielded questions from other designers about how they should be using Jira Software with their design team. I’ve also heard feedback from other ...

1,091 views 4 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you