SAML Single Sign-On
Authenticate like
the Fortune 500
Ensure secure access to Atlassian Server or Data Center apps from wherever your users are working. SAML SSO is designed for enterprise user management and scalability.
Authenticate against any identity provider
Out-of-the-box configurations for all IdPs: Okta, Entra (formerly Azure AD), AD FS, OneLogin, Google Cloud Identity, PingOne, and many more.
- Configuration wizard
- Presets & Configuration tutorials per IdP
- Automated Configuration via Metadata
- Single Logout (SLO)
- Supports social login with Facebook, LinkedIn, Twitter, GitHub, Sign in with Apple, or Atlassian (cloud)
Flexible, automatic user provisioning
Provision & deprovision users effortlessly
- Accurate & up to date user info
- In-advance: automatic account creation via the Cloud Identity Provider's API - even before first login
- Just in time: updates during the SSO login process
- Open ID Connect/OIDC
- SCIM 2.0 Connector (experimental)
Automatic user deactivation and reactivation
Save on unnecessary licenses and keep your Atlassian applications secure.
- Disable or delete users
- Cleanup Inactive Users automatically
- Automatic re-enablement when the user tries to login again
Absolutely marvelous. Best implementation for SSO for any application. EVER.
Kevin Kwok, Canada
Map any attribute coming from the IdP
No matter how the IdP sends the information, we can match it to the Atlassian application.
- Attribute mapping
- Powerful transformation presets & templates
- Groovy Scripts
- Sync user profile pictures
- Use IdPs as a source in Linchpin and Communardo User Profiles
Customize your own access management automations
Define how to create and sync group-based permissions to grant the right access to every user.
- Decide which groups should be synchronized without changing your IdP setup
- Default groups
- Default groups for Jira Service Desk
“…, I also want to commend your product for being the single best SSO product I’ve ever worked with. I've integrated over 70 3rd party applications with SAML SSO in the last year and this add-on has been really amazing to work with. Seriously, great job!”
Steve Myers, Security Architect at Kayak
Encryption
Comply with security laws and regulations with customizable signing.
Branding
Customize your user facing pages (error pages, IdP selection, logged in page template…).
Mobile App supported
Ensure a full SSO experience on the Atlassian mobile apps.
Full REST API
Automate your user management configuration.
Custom URLs
Decide when your SSO kicks in with force SSO URLs / non - SSO URLs.
no SSO option
Have full control on when to bypass SSO (temporary users, admins, or automations)
Select between multiple identity providers
Decide how your users will be redirected to their relevant Identity Provider.
- Configurable IdP selection page
- Redirect users based on their input, email domain, or http header
- Prioritize IdPs during migrations
Admin-friendly interface
Developed with a community of 7,000+ Atlassian administrators.
- Diagnostic troubleshooting and debugging tracker with login tracking
- Testing your configuration without global activation
- Automatic re-enablement when the user tries to login again