Uploaded image for project: 'Atlassian Access'
  1. Atlassian Access
  2. ACCESS-1506

Provide additional controls for SAML SSO login workflow

    XMLWordPrintable

Details

    • 5

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

    Description

      Currently, when login into Atlassian Cloud will redirect unauthenticated users to the https://id.atlassian.com/login? endpoint. This is an extra step that some end users find inconvenient.

      The following two alternatives could be introduced to simplify the login process for users (that are part of an SSO enforced authentication policy):

      1. Provide an additional setting in the admin.atlassian.com Identity Providers section to enforce that all unauthenticated login attempts to be automatically redirected to the IdP, when navigating to a site URL (as an unauthenticated user)
      2. Alternatively, if the https://id.atlassian.com/login? endpoint cannot be avoided, once the user types its email address, then the email address should be passed to the IdP as an attribute and be pre-populated in the IdP login page. This could be a setting in the Security / Identity Providers section.

      The reason this should be introduced as a setting is because this could become a problem for users that are not part of an SSO enforced policy and need to authenticate locally against id.atlassian.com.

      Attachments

        Issue Links

          is related to

          Suggestion - ACCESS-1314 Pre-fill email of Azure AD login screen when SAML SSO is enforced

          • Gathering Interest

          Activity

            People

              e902c0832f88 Sudesh Peram
              ca528a390f48 Pablo Bastos
              Votes:
              11 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated: