We have provisioned Atlassian Cloud via Okta. But users don't get access to Jira & Confluence when we add users to groups provisioned with Atlassian Cloud access. Every time we have to manually update the settings for individuals to get them access. Is there any way users get access to Jira & Confluence once they are added to the groups in Okta which have been added to the Atlassian Cloud application.
Yes.
Cloud has three options for user accounts - it can do them with Atlassian Accounts (like the one you are using to post here), or with Google Accounts, or with Atlassian Access.
Atlassian and Google accounts can be made to work with Okta's SSO, but it's not a direct link into cloud and Okta does not provide the Atlassian or Google account to Atlassian Cloud.
Atlassian Access does take the accounts from Okta (it has lots of other options as well - Active directory, LDAP, etc),
So if you want to "provision" your Cloud accounts from Okta, you have to do it via Atlassian Access.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Nic Brough -Adaptavist- "Okta needs to be connected to Atlassian Access" - does that mean I need to integrate Okta with another application called Atlassian Access instead of Atlassian Cloud?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
This is what I see in the Integration tab for Atlassian Cloud in Okta:
Under the Sign On page, sign on method is SAML 2.0 - Default Relay State
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
No, Okta needs to be connected to Atlassian Access.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Nic Brough -Adaptavist- my apologies for being naïve, but I am a Admin who is also learning on the go and this integration was already implemented before I took over.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
But how are you connecting Okta to Atlassian Access?
Sorry, I'm being a bit "broken record" on this, but it seems like you are missing something. The only way to use Okta as a user directory for Atlassian Cloud is to connect it though Atlassian Access.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Nic Brough -Adaptavist- we have created groups only only in Okta and assigned Atlassian Cloud application to these groups. There are no corresponding groups in Atlassian. There are only default access groups in Atlassian. I have attached a screen shot for your reference:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
That's what I'm asking you - how are you provisioning the groups and users from Okta through Atlassian access?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Nic Brough -Adaptavist- I am not sure about this. Do you mean we need to create Groups with similar names (as in Okta) in Atlassian as well?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
How have you set that up in Atlassian Access?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Nic Brough -Adaptavist- In Okta groups have been assigned applications like Atlassian Cloud. The users are added to respective groups and this is how the application gets provisioned to the user.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes, that's a way to do it, but please could you explain how Atlassian Access is set up with your Okta?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
As mentioned above, we need to know how you have set up Atlassian Access to work with Okta.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
As mentioned above, Atlassian Cloud is provisioned via Okta for users. Users do get assigned with the application, but are unable to access Jira or Confluence, until we manually enable the toggle "Has access to site" for Jira & Confluence under User Management >> <username>
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
How have you set up the Atlassian Access to work with Okta?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.