• 280
    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Currently the authentication policies do not support automatic assignment which requires manual action to assign users to policies when they are created.

      Suggestion:

      • Make SCIM synced groups be able to assign authentication policies.
      • Also consider, automatically switching an (existing) account to an SSO policy when they are provisioned and non-billable when they are not. 

      The use case I can share for this is:
      We want only a group of people to be enforced SSO so we make the default authentication policy to be one that is not enforced with SSO but now the need to manually add users to that group of people that should have enforced SSO arises.

            [ACCESS-1041] Automatic assignment of authentication policies

            Eleanor Young added a comment -

            Can you please provide a reference on how to activate the corresponding EAP? We would like to evaluate the changes to Authentication Policies for our Org.

            Eleanor Young added a comment - Can you please provide a reference on how to activate the corresponding EAP? We would like to evaluate the changes to Authentication Policies for our Org.

            Kunwardeep Singh added a comment -

            We are currently in EAP for this feature . Once we have garnered all the feedback - we are planning to release this in Oct'25. 

            Kunwardeep Singh added a comment - We are currently in EAP for this feature . Once we have garnered all the feedback - we are planning to release this in Oct'25. 

            Can we have an update from Atlassian on this one? It has been around for 4 years. Its killing us really. Not all cohorts in our domain use the same tenant. Some use SSO, some dont. Every single new user is a manual process of moving to one auth policy or another. Linking to an automatically maintained group would resolve our issue immediately.

            Anthony Williams added a comment - Can we have an update from Atlassian on this one? It has been around for 4 years. Its killing us really. Not all cohorts in our domain use the same tenant. Some use SSO, some dont. Every single new user is a manual process of moving to one auth policy or another. Linking to an automatically maintained group would resolve our issue immediately.

            Are there anyone looking at this currently? The person who is assigned this task is "Inactive".

            This is a real problem for companies with many users, and the administration of this task takes alot of time to manage for new users.

            The solution of allowing the usage of groups instead of individual members/bulk entry would increase the security of the tenant for the company, since the authentication policy is directly applied to new users being synced in with SCIM provisioning.

            Anders Bratberg added a comment - Are there anyone looking at this currently? The person who is assigned this task is "Inactive". This is a real problem for companies with many users, and the administration of this task takes alot of time to manage for new users. The solution of allowing the usage of groups instead of individual members/bulk entry would increase the security of the tenant for the company, since the authentication policy is directly applied to new users being synced in with SCIM provisioning.

            Any updates? I see that the assignee is no longer with Atlassian.

            Nick E Buono added a comment - Any updates? I see that the assignee is no longer with Atlassian.

            We have actively started investigating this feature and will provide more updates as we have them.

            Holly Makris (Inactive) added a comment - We have actively started investigating this feature and will provide more updates as we have them.

            Mohan Rao added a comment -

            use case can be sorted

            Mohan Rao added a comment - use case can be sorted

            funny, I was just setting up Atlassian Guard with authentication policies. I was wondering, how can I auto assign these policies to users? After 2 sec google search, found this ticket.
            That this is not a basic feature is beyond me. Please implement this asap.

            Eelke van der Nat added a comment - funny, I was just setting up Atlassian Guard with authentication policies. I was wondering, how can I auto assign these policies to users? After 2 sec google search, found this ticket. That this is not a basic feature is beyond me. Please implement this asap.

            I don't understand how this is not a basic feature of Atlassian Access SSO. Do they really expect admins of thousands of users to manually juggle authentication policies?

            Hunter Britton added a comment - I don't understand how this is not a basic feature of Atlassian Access SSO. Do they really expect admins of thousands of users to manually juggle authentication policies?

            It's funny that everytime I look for a feature that should clearly be integrated in Jira, I end up on a ticket like this, some even from over 10 years ago. I am also adding my interest in this.

            André Blum added a comment - It's funny that everytime I look for a feature that should clearly be integrated in Jira, I end up on a ticket like this, some even from over 10 years ago. I am also adding my interest in this.

              5cd8def7e384 Kunwardeep Singh
              6048cd401523 Felipe Oliveira
              Votes:
              377 Vote for this issue
              Watchers:
              271 Start watching this issue

                Created:
                Updated:
                Resolved: