Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
9
-
Description
Problem Definition
SAML configuration and "managed" Atlassian ID editing options are not available to users on non-verified domains. There is a need for customers to be able to manage these user accounts.
Suggested Solution
- Find a way to bring functionality to all accounts within a given Jira instance.
- We may need to replace or supplement the domain verification process.
- Define a "contractor" account type.
Why this is important
- Customers often have "contractors" or teams using email domains which the customer does not own. SAML and domain verification is not possible, so functionality is not available on these accounts.
- In some cases, changes to a customer website or DNS changes can't be made due to company policy/political reasons.
- An example of this being an issue is a customer has connected to their IDP using SAML, their "contractors" attempt to login, but are unable to gain access to the instance. Entering a fake email address using the verified domain will allow the redirection to the IDP page to occur, but access is not granted as the contractor's domain is not verified.
Workaround
- No workaround.
Attachments
Issue Links
- duplicates
-
CLOUD-10611 SAML implementation - ability to use SAML with unverified domains
- Closed
- mentioned in
-
Page Loading...