Configuring SSO for your Enterprise

Legacy Trello SSO

Legacy Trello SSO is being retired. For all new version of Trello Enterprise, SAML SSO can be offered with Atlassian Access. To maintain existing Trello SSO configurations, please move your SAML SSO configuration to Atlassian Access.

With Trello's legacy SSO implementation, subscribers are able to set up SAML SSO. We support both IDP-initiated and SP-initiated SSO integrations with any SAML 2.0 SSO identity provider. We have pre-built integrations with the following IDPs:

  • Azure AD

  • Bitium

  • G Suite SAML

  • Okta

  • OneLogin

  • RSA SecurID

SSO can be set up as either a convenience or required. If you enforce SSO, this will impact all Trello users on your domain, not just your Enterprise members. This will also impact any former employees still having your corporate email associated with their account.

Identity provider (IDP) initiated login with Atlassian Access

The pre-built Trello integrations listed above do not work with Atlassian Access. Instead, you will need to assign the Atlassian Cloud App to each user to allow SAML SSO authentication through Atlassian Access. 

The Atlassian Cloud app doesn't currently offer an icon to go directly to Trello. Instead, once you've assigned the Atlassian Cloud app to each person in your Identity provider, users will need to go to the Trello login page where they will input their Email Address, click the "Continue" Button, and be redirected to your Identity provider to complete authentication.

To emulate IDP-initiated login,You can assign a bookmark in addition to the Atlassian Cloud app so users can navigate directly to Trello from your Identity provider dashboard. The URL to bookmark is: https://trello.com/ensureSession

Setting up legacy Trello SSO

From the Enterprise Dashboard, you can click on SSO Setup in the left side panel, under the security section:

screenshot_EnterpriseAdministration

Next, you'll fill in the Identity Provider Login URL and the SAML Certificate provided by your SSO provider:

screenshot_IdentityProviderLogin

Below that, you're given your Enterprise's ACS or Consume URL, Identifier URL, and the Trello Login URL, as well as the SAML attributes that your provider needs to pass correctly to Trello for login to work:

screenshot_SAMLAttributes

I want SSO, but don't have Enterprise

Great news—while Trello's implementation of SSO is only available for Enterprise, separately from Trello Enterprise, Atlassian offers Atlassian Access, a product which enables visibility and security across all Atlassian products at your company (including Trello). It gives admins a way to manage users and enforce security policies - like SSO and multi-factor authentication.

For more information about Atlassian Access for Trello, check out these resources:

  • More information about Access here

  • Talk to our Sales team about Access pricing here

Additional Help