-
Suggestion
-
Resolution: Fixed
-
None
-
394
-
Problem
Currently, Atlassian Access applies a single configuration to an Identity Provider(IdP) for an organization, which applies to all Atlassian accounts on any of that organization's verified domains. This poses a problem for organizations that are using multiple IdPs for users that share the same email domain or if an organization needs multiple SSO/provisioning configurations to support their use cases.
Solution
Provide a way for organizations to apply multiple SSO via SAML and/or provisioning(SCIM) configurations to different users on the same domain.
Hi everyone,
This feature is now shipped in the Atlassian Cloud Enterprise Plan The documentation for this feature can be found here: https://support.atlassian.com/provisioning-users/docs/add-identity-providers-to-connect-users/
We made the decision to not bundle security-related features in Standard and Premium product editions. This means customers on either standard or premium can purchase Access if they require our standard security features like SSO and Audit Logging.
Anything that fits into the more Advance category of security features like Multiple Identity Providers will be packaged in our Enterprise edition as we believe this edition is the best fit for those customers.
I know this is not ideal to hear for some customers, but the decision was not made lightly.
Ben Magro
Product Manager, Cloud Security
- duplicates
-
- Closed
- is duplicated by
-
- Closed
- is related to
-
- Closed
-
- Closed
- relates to
-
- In Progress
-
- Closed
- supersedes
-
- Closed
- mentioned in
-
Page Loading...
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
[ACCESS-572] Allow multiple Identity Provider(IdP) configurations for a single org and domain
| Remote Link | New: This issue links to "Page (Confluence)" [ 775801 ] |
| Link | New: This issue relates to ACCESS-1526 [ ACCESS-1526 ] |
| Link |
New:
This issue duplicates |
| Remote Link | Original: This issue links to "Page (Confluence)" [ 640811 ] |
we are 500 people organisation using multiple google domains, goingwith enterprise means we will paying for 800 people - doubling the cost
| Remote Link | Original: This issue links to "Page (Confluence)" [ 595503 ] |
Seems it is not possible to have a test environment (due to verified domains), nor to switch SSO from one IDP to another without an Enterprise plan. :sadface:
If I have three different site URLs, And we create three different Azure AD Enterprise Applications. Can we then have three different managed accounts directories so that we can keep each managed user account in Directory A, B or C and prevent all users from being synced to all sites?
https://getsupport.atlassian.com/browse/MOVE-131265