https://getsupport.atlassian.com/browse/PCS-288015

This is a pain. Users can apparently create new organizations or sites by accident, and they are slow to be removed, even if they are empty instances.
I get the safeguard to prevent accidental deletion of data, but it should not take this long. Nor should it be this easy to create a new site, for non-administrators.

And it's still on "Gathering Interest", maybe we should buy Enterprise versions of Jira / JSM / Confluence to manage those "new" organizations. Problem will be solved  

I have four sites now outside of my control. How the f*** do I now get rid of them? Thanks Atlassian for creating additional work for me.

The removal of these orgs, which should have not been created in the first place, is also 'so' difficult to do and takes very long.

This needs to be fixed ASAP.

A low-level user just accidentally created a new Premium product on our tenancy incurring additional costs to the business, yet we can't disable this feature. How is this even possible Atlassian!? Massive design flaw. Please fix ASAP.

The removal of these newly created organizations is also a slow and laborious process, adding yet more cost to our business

Some of our users are creating accidentially a new site. This is confusing for our users and makes the overview unclear for our admins. 

• Ability to create new sites for Jira, Confluence, JSD

This option would be really valuable for the Premium version too.

Pasted from JST-989758 Sorry @Shubham, CLOUD-10325 isn’t currently sufficient in my view. IF you were about to address it AND MP-194 then I wouldn’t suggest further changes to this, but given this seems unlikely I think you need to more directly address the design flaws in the current process, (the notifications admins get when receiving requests for apps such as Jira Product Discovery and Compass) DOESN’T have a Reject Request option and needs one B. there’s no justification for differing the ability to reject unwanted addons between tiers in my view (“I don’t object to you offering some more advanced functionality to Premium and Enterprise customers but in cases like this where the things that you’re giving us inferior control over are in my opinion design bugs from Atlassian I strongly suggest you reconsider.”) 

ID-7697 appears to be another version of this issue/request dated from 2021 and owned by an inactive Atlassian user.

This one was created in 2017. No work logged.

Agreeing with all the other people here. This has to be available for all license types. Not every coworker is allowed to do contracts on behalf of the company and the possibility of spoofing the corporate identity is a serious security threat. Having this as an enterprise only feature is like threatening customers to purposefully compromise their security. Simply unacceptable.

As administrators, we require this control for our Jira and Confluence Premium license tiers.  It is very disappointing such a basic control requires an enterprise license at substantially more cost.

Would love to see this feature added for Confluence Premium.

We spend too much time creating accesses and then have to contact users to correct what they've done!

I cannot believe we're still begging for this. It should be a baseline feature.

these features should be default to all tiers.

users should not be able to freely do actions that could end up as unexpected bill to the company!

@Pablo thank you for sharing! This is really useful for dealing with discovered products that users have spun up and finally gives us an easy way to do something about it rather than guiding the user that created the product!

I would still rather the preventative measures that are configurable on Enterprise plans so that we didn't need to do this action after a user has signed up to another product using their managed account.

Ideally the ability to Prevent users from signing up for products will be made available to all Atlassian Access users. Not just Enterprise.

Last week this document was published and it helped me to take control of the products created outside the organization and (most likely) delete them:

https://community.atlassian.com/t5/Atlassian-Access-articles/Take-control-of-unmanaged-products-with-new-enhancements-to/ba-p/2616410

Although I haven't tried to delete yet, but I'm org admin of those products.

This is a lack that can lead to product change.

Company users should have the right to use their corporate accounts to make use of free plans on other Atlassian products, without being considered billable managed accounts. It makes no sense to be asked to upgrade the license of Servicedesk to a higher tier for Trello licenses that are supposed to be free.

Please fix this!

This is the #1 annoyance I have with Atlassian. Please allow premium subscriptions to disable this for users!!! Each time I get notified I contact the user, and they are confused about what they did.

Yes, please add this option for Jira Premium also.

Thank You.

This functionality is VERY NEEDED for Jira Premium.  When can you get this done. 

@Derrick James,  yeah the documentation for this blows, just like everything else for Atlassian.

you need to create a new authentication policy for none IDP managed and non-SSO users  if you have not already  and then change the authentication policy of these other users  to use that.

hope that helps you out. i had to do this for 2k + users.

We are being billed for 75 Atlassian Access users, when we only have 12 JSM users. 

I'm told it's because some employees (that haven't been with the company for years) signed up for a Trello free trial or have access to another company's cloud products. 

I came here from the other closed ticket which provided no solution. It seems it is "as designed" to not help administrators being able to stop users to increase the bills. Very sad indeed.

Hello , We need to have this feature enabled . will be greate

I agree Haddon. This is pretty disappointing. 

I can't imagine that the income gained from these instances is really all that much, and while I acknowledge I have no idea what's going on under the hood, I have to believe this isn't SO much work to implement...so what IS the rationale here?

I get not investing in things like "bulk updating" or "group renaming" to make Jira easier to manage at a day-to-day level...I mean, if Atlassian didn't give us mountains of endless, pointless, and repetitive busywork just to get basic activities accomplished, what would we do all day? However this problem is (as so many others have pointed out) a security risk thing. We spend countless hours and dollars securing and maintaining our corporate instance specifically so Bob in accounting can't accidentally leak PII.

Now I know that Atlassian thinks we're all just vendor-locked at this point and that moving to another tool would be even more painful than putting up with all the garbage they feed us. And you'd be right about that. Today. But it'll be interesting to see what happens when a viable option appears.

'Enhance data security & governance for your Atlassian Cloud products with Atlassian Access' there is even a graphic showing Trello and Bitbucket as a products that will benefit from this enhanced security and governance.... This is marketed to everyone, not just Enterprise customers.

Want to stop 2000 of your managed users from signing up to Trello and increasing your Atlassian Access bill? Tough luck you need to pay for Enterprise.

ACCESS-1468 had votes from ALL ATLASSIAN ACCESS customers who need better control over managed accounts access to products, NOT JUST ENTERPRISE customers.

I don't think Atlassian are so ignorant that they don't already know that this is the case. So personally, I find that the decision to paywall this as an Enterprise only feature, insulting. And something that goes directly against Atlassian core values of 'Don't #@!% the customer'. Also, everyone was pretty excited to see this functionality being worked on and improving so restricting to Enterprise at the last minute doesn't really align with 'Open company, no bullshit'.

If the functionality exists for Enterprise customers now there should be no major technical limitations to enabling this to the rest of the Atlassian Access customers that were marketed a better experience for managing managed users and aren't getting it.

We would also like to see this prioritized and actually delivered.

LOVE how Atlassian hides the add vote and watch options under more. such a scummy design.

Lacking this functionality is an extreme oversight for such a large cloud provider who organizes things at an "Organization" level. If there is an organization with a managed domain...only people with that organization's admin role should be permitted to create products. Seems simple and logical. Step it up @Atlassian!

+1

@Lacey Elliott That's because you CAN'T... The entire reason for this thread... Atlassian keeps pushing that functionality out... I was promised this almost 2 years ago. Still nothing. And their current road map they label as "Shadow IT" STILL will not directly address this issue.

No one at Atlassian understand the security risk or concerns... or cares.

Still trying to figure out how to delete the free site one of our employees created...which should have never been allowed.

+1

We just found one of our users created his own free site that we have no control over using our verified domain and started inviting external users... Why isn't this feature already in place?

Welcome to the issue, @Griffin Jones!

Any updates on when non-Enterprise users might be able to expect this functionality?

Thanks,

This is a very basic requirement for any enterprise.   I control domain x.com but then you allow someone with an email with that domain to create a free account and put data into it that I don't have any control over.    I need control over all aspects of the account using may domain name.  You should be willing to do that because by blocking the free accounts I will be buy more paid licenses.  

+1

What the Atlassian Access rep in Teams 23 said to me last week is that an admin approval mechanism will be implemented so when someone from a claimed domain sets up a new instance, it goes to org-admin approval, and as the previous comments, it's coming in the next "few months".

Still, seeing is believing.

I'm being told my Atlassian Team that this functionality is coming this spring/summer... 

This needs to be enabled for all domain owners.

As an enterprise tool this needs to be available. It's a big security risk

This is another big fail with Atlassian when are they  going to stop billing organizations for their misplanning of application deployment  this goes along with with the TRELLO free debacle

It's a security risk. They should be required to contact the org admins, or at least the site admins.

Remember to also vote here https://jira.atlassian.com/browse/CLOUD-11072 as it's "In Progress"

When will Atlassian stop charging organizations a fee for their mistakes?  It might be time to leave Jira behind

as a global business we want to make sure that our studios don't create their own instances to work seperatly without following the main studio guidance and rules!

Five years! 

I think we need a party to celebrate this birthday. 

We need to be able to disable this feature.

Without proper controls in place, we cannot control the sprawl of new instances.  This feature is a requirement for our company to move to Atlassian Cloud.  Please prioritize appropriately.  Thank you.  

As an enterprise customer, having this control is critical to our ongoing governance of these environments.  Please make this feature a priority otherwise we will need to reconsider our use moving forward.  

It's also a very big security and compliance issue... Not sure why Atlassian can't ever seem to get it together. 

This is an incredibly important part of managing our corporate work streams and security. This needs to be addressed.

I 100% agree. 

Once a company instance is licensed for any set of cloud products, deciding whether or not to create a new domain user MUST be done by the domain admin of the company's instance. Otherwise, "trial accounts" created willy-nilly by any user – and then most often abandoned – become a management nuisance (at the least) or an a ridiculous extra expense to the company. That's not "team work". That's anarchy.

Dear Atlassian - Please give your customers the control they need over account creation within the systems they manage! It's CRAZY that this has been an issue for more than FOUR YEARS!!!  

Under verified domain, we should not allow to create new instance by users.

As an enterprise customer, we would like the ability to restrict the creation of new instances for a claimed domain.  We have had over 20 instances created by random people signing up.  Many times these instances are abandoned or the work belongs in an existing instance.