Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Turn off account creation using Gmail

Don Williams
Don Williams November 6, 2017

Many of our users try to use Gmail to login to their account and it's not enabled (nor do we want it enabled) for our account.  So they end up creating an account outside of our site.  Which leads to many issues, which I have 2 questions for:

1) How can I disable their ability to even try logging in with Gmail?

2) How do I get access to the accounts they've created on my domains?

 

Thanks

Answer
Watch
Like Be the first to like this
788 views

1 answer

0 votes
Shannon S
Shannon S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 7, 2017

Hi Don,

Could you let me know the version of Jira you are working with? Does it happen to be the Cloud account associated with your email for a***a.atlassian.net?

If so, I can take a look at your account and see what's going on.

Kind Regards,
Shannon

View More Comments
Don Williams
Don Williams November 9, 2017

yes that is correct, we are on the cloud version and that address is correct

Like
Don Williams
Don Williams November 9, 2017

Also, I now see that some users are able to actually login with G Suite credentials when it has not been set-up, please advise ASAP

 

thanks

Like
Shannon S
Shannon S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 10, 2017

Don,

Thank you. Allow me to explain first what is occurring here.

  1. A user navigates to your site, and they are redirected to https://id.atlassian.com if they are not logged in currently.
  2. They have the choice to either Enter email or to click Log in with Google, which they will be able to use if their email address is a Google email address.
  3. If the email address or Google account used is already an account on your instance, they will be logged in.
  4. If the email address or Google account used is not already an account on your instance, but is an account on our internal system, they will receive an error:
    Did you use the wrong account? Your email address email@domain.com doesn't have access to a*****a.atlassian.net We've all got more than one email address these days - are you using the right one? If you're certain you should have access with email@domain.com, contact your administrator.

Please note that any users are able to create accounts themselves from our system, https://id.atlassian.com. This is done either by clicking the Google button, or by entering their email address manually. This cannot be prevented from your end, as they are creating an account in our system, and not your instance.

Rest assured, that even if the users are creating an account on our end, they will not be able to use this to login to your instance, unless you've specifically created an account for them there.

Due to the login process being done through our site, it's not possible to disable this feature. We previously had a feature request for this at ID-6275 but we have decided not to pursue the feature.

You also asked if you can access their Atlassian ID accounts that they created, and you would only be able to do this if you have their current password that was used to setup their Atlassian ID or their Google password.

When you Integrate with G Suite, the main thing that does is allow you to import your users from Google into the instance so that they are created automatically. It is not what is enabling users to be able to login with their Google account.

I hope this is clear, but please let me know if you have any questions about any of this.

Kind Regards,
Shannon

Like
Don Williams
Don Williams November 10, 2017

Thanks for the clarity but I am rather concerned, as I am in the process of implementing Okta.  Will the Google authentication still work after I've gone live with Okta?  Also, we are intended to migrate off of Gmail so how will that effect the individual accounts?

Since I have verified both of my domains why would Atlassian allow this to happen without properly notifying me?

I would like a complete list of users on the Atlassian account for both of my domains so I can reconcile internally.

Thank you

Like
Shannon S
Shannon S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 13, 2017

Hi Don,

Google authentication will still work provided the email address is a Google account. Okta kicks in if an email types in their email address rather than pressing the Google button. If you come off Gmail, they will no longer be able to use the Google login button. That is the only way it will affect those accounts.

In regards to Atlassian allowing users to create Atlassian IDs with their verified account, it's because the purpose of the verified account does not restrict users from creating an account on our system. It allows you to manage the accounts once created. The reason we don't limit creation of accounts on our own platform is because the Atlassian IDs are used for many other things, such as creating support tickets, logging feature requests, voting and commenting on bugs, as well as using this Community site here. 

Lastly, the ability to include a list of accounts using domains managed by you will be included in a future release of Identity Manager. For more details you can review our Early Access Program for Identity Manager. You can expect this to be rolled out to your instance within the next month or so.

Let me know if you have any questions about this.

Kind Regards,
Shannon

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events