Provision and sync users from an identity provider
Make changes in your identity provider to users and groups and sync them to your Atlassian organization.
Require single sign-on for user login
The ability to connect Microsoft Azure AD to Atlassian and begin syncing your nested group structure is available to participants in an early access program. Azure AD for nested groups will be generally available soon. Check updates on progress for release date
Users can either log in with their Microsoft or Atlassian accounts. We recommend that users log in with your Microsoft account through SAML single sign-on. SAML single sign-on is easy to use and more secure from a user perspective, as users only need to remember one set of user credentials.
And it’s easier for you to enforce identity-related security controls at scale. You can secure large groups of users. Before you set up SAML single sign-on, you must complete a sync to claim your domains.
Learn how to configure SAML single sign-on
Enforce single sign-on for users
You must configure SAML single sign-on before you can enforce users to log in through SAML single sign-on.
Go to admin.atlassian.com. Select your organization if you have more than one.
Select Security > Identity providers.
Select your identity provider directory.
From your identity provider directory, go to Authentication policies.
Select Edit to enforce single sign-on for users.
Select Enforce single sign-on and then update your settings.
Learn more about authentication policies
Was this helpful?