Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

I have many users, I want to enable SAML with Entra for some of them...

Robin Ward
Robin Ward
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
December 20, 2024

I have many users with the same domain.

I've verified that domain.

I've only claimed some of the users so far to test, and now I'd like to enable SAML.

If SAML enrolls all managed users, does that mean that even after i've enabled it, only those I claimed will be authenticated through Entra, and the rest can continue as before - even those with the same domain? OR, once I add the Domain to SAML, does it force everyone to use Entra?

Also, will I be able to go back and claim more users, to become managed, once i've got the process right?

Thanks

Answer
Watch
Like Be the first to like this
331 views

2 answers

1 accepted

3 votes
Answer accepted
Hector Menchaca
Hector Menchaca
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 20, 2024

Hello @Robin Ward ,

Welcome to Atlassian Community!

Basically it works this way:

  • You verify the domain and you just claim 5 users let's say.
  • Then you configure SAML SSO - and a SSO authentication policy is created.
  • At this moment exactly any user will login through SAML SSO.
  • You need to add the users to your SAML SSO policy and then enable the policy and only the users on this policy will be able to login with SAML SSO.

You can find more information in the following links:

Thanks!

View More Comments
Robin Ward
Robin Ward
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 6, 2025

So these changes will only ever affect claimed/managed users? And I just need to add those claimed/managed users to the specific Authentication Policy i've setup for SAML Accts to Entra, while unmanaged accts will login as before is that right? 

I understand the Authentication policies, and I have 2 already, one "local auth" and one Entra for SSO.  It seems the only users I can add to either are Managed users.

Like
Reply
0 votes
Aaron Geister_Sentify
Aaron Geister_Sentify
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 20, 2024

I do believe you can add users to specific policies so that you can omit them from the SSO policy but as Hector from Atlassian said it would be better to not claim those accounts that you don't want to force SSO upon. 

Reply

Suggest an answer

Log in or Sign up to answer
Atlassian logo
Atlassian Guard
TAGS
AUG Leaders

Atlassian Community Events

    See all events