Verifying domains that are not owned by the customer

XMLWordPrintable

    • 9

      Problem Definition

      SAML configuration and "managed" Atlassian ID editing options are not available to users on non-verified domains. There is a need for customers to be able to manage these user accounts.

      Suggested Solution

      • Find a way to bring functionality to all accounts within a given Jira instance.
      • We may need to replace or supplement the domain verification process.
      • Define a "contractor" account type.

      Why this is important

      • Customers often have "contractors" or teams using email domains which the customer does not own. SAML and domain verification is not possible, so functionality is not available on these accounts.
      • In some cases, changes to a customer website or DNS changes can't be made due to company policy/political reasons.
      • An example of this being an issue is a customer has connected to their IDP using SAML, their "contractors" attempt to login, but are unable to gain access to the instance. Entering a fake email address using the verified domain will allow the redirection to the IDP page to occur, but access is not granted as the contractor's domain is not verified.

      Workaround

      • No workaround.

            Assignee:
            Matthew Ho (Inactive)
            Reporter:
            Derrick Nguyen (Inactive)
            Votes:
            10 Vote for this issue
            Watchers:
            13 Start watching this issue

              Created:
              Updated: