Atlassian Access is a new Identity Management on Cloud released just recently, to replace the Identity Manager. It offers seamless integration to SAML identity providers like Microsoft Azure, OneLogin, Okta, and Centrify.
In this How To article, we will look into how you can setup Atlassian Access and Integrate it with Okta in under 11 minutes
- You need to have your own domain, e.g. johndoe.com
- You need to have at least 1 email using that domain, e.g. email@example.com
1.1 Setup and Domain Verification
- Sign up for a JIRA/Confluence trial via https://www.atlassian.com . Remember to use your own domain email account to sign up for this trial.
- Once the instance is setup and ready, navigate to https://admin.atlassian.com (while being logged in with your own domain email account)
- Click on Domains, then click on the HTTPS tab:
- Download the atlassian-domain-verification.html file, and upload it to the root of your domain
- If you don't have a website to upload html file to, but have access to domain's DNS settings - use DNS option and create a TXT record with provided value:
- Click Verify Domain
- If all goes well, you should see that your domain is verified!
- Next, click on SAML Single Sign-on and you should be prompted to sign up for an Atlassian Access account. Just follow the instructions and Atlassian Access should now be enabled in your instance.
1.2 Setup Okta
- Navigate to okta.com and signup for a trial. You should then land on your user home page.
- Click on Admin
- Then hover over Applications, and click on Applications:
- Click Add Application:
- Search for the Atlassian Cloud application and hit Add:
- Label the application appropriately, select the appropriate applications to enable SAML for, and hit Next:
- In the Sign On Options, choose SAML 2.0. Leave the Default Relay State empty, enter the JIRA and Confluence Base URLs, set the Application Username Format to Email, and click on View Setup Instructions.
- Scroll to somewhere near the bottom of the Instructions where you will see this:
- Navigate back to https://admin.atlassian.com , click on the SAML single signon tab, and input the information from the Okta Setup Instructions into the Atlassian screen:
- Hit Save Configuration in the Atlassian screen, and you should now see the SP Entity ID revealed. Copy the string after the https://auth.atlassian.com/saml/ string:
- Navigate back to Okta, into the Application configuration and paste the Entity ID copied earlier into the Unique ID field:
- Hit Done, and your application should be created.
1.3 User Assignment
- You're almost there! But your users will still not be able to login because they are not assigned yet to the application. To do that, navigate back to the Applications panel:
- Then click Assign Applications
- You should then see a screen similar to this:
- Check the application that you just created, and the list of users you wish to be added to the application. You can also filter this by Okta groups.
- Hit Next, Confirm Assignments (check the usernames are correct). And voila!
1.4 Testing the Integration
In order to test this, simply start a new Incognito browser and navigate to JIRA/Confluence Cloud and enter your email address when prompted. You should be then redirected to login into Okta, which will then log you in automatically to JIRA/Confluence Cloud.
Alternatively, you can also login first to Okta, and then click on any of the Confluence/JIRA chiclets in your user home, which should automatically log you into JIRA/Confluence Cloud
For more information contact us, we are ready to help you out
Also do watch the recording of how this is done!