Control how users get access to products
There are three ways to invite users to your organization:
Invite them manually from Atlassian Administration.
Connect to Google Workspace or provision users from an identity provider through SCIM.
Configure user access settings to allow users to join your products and invite other users.
This page explains the user access settings you can configure for products in your organization. Users that join your products as a result of your user access settings become licensed users. If you exceed your user limit, we'll let you know by email.
Who can do this? |
Approved domains
You can approve an email domain that you trust, so users from that domain can access your products without an invitation. You might do this when you want to:
approve your company domain, so onboarding is easier for your employees.
approve client domains, so they can always get access.
To approve a domain:
Go to Atlassian Administration. Select your organization if you have more than one.
Select Products > User access settings.
Select Add domain.
Enter the URL for the domain you want to approve.
Select roles for the products you want to give users from this domain access to.
Select the Required checkbox if you want to approve requests for access to that product. If you deselect this checkbox, users from the approved domain can join your product instantly.
Choose when organization admins are notified of new users.
Select Save.
Non-public domains
Non-public domains, also known as private domains, are owned by a company. Examples of private domains are atlassian.com and sony.com. Private domains are hosted on a private server and are more secure than public email domains like outlook.com or gmail.com.
Users from private domains that you haven’t approved are subject to the “Any domain” setting to access your products. By default, we allow them to request access to your products. You might edit this setting if you:
want to make it easier for users from a private email domain to access to your products.
don’t want to allow users from a private email domain to request access to your products.
To edit the “Any domain” setting:
Go to Atlassian Administration. Select your organization if you have more than one.
Select Products > User access settings.
Select Edit for “Any domain”.
Select roles for the products you want to give users from private domains access to.
Select the Required checkbox if you want to approve requests for access to that product. If you deselect this checkbox, users from private domains can join your product instantly.
Choose when organization admins are notified of new users.
Select Save.
Things to note
Users from approved domains:
must create an Atlassian account before logging in to your products.
must verify their account every 6 months.
Customers from approved domains (Jira Service Management only):
must create an Atlassian account before accessing your help center.
must verify their account every 6 months.
User invites
You can allow users to invite people to your products.
To edit your user invitations setting:
Go to Atlassian Administration. Select your organization if you have more than one.
Select Products > User access settings.
Select User invites.
Select an option from the Existing user permissions column for each product. Select “Don’t allow invites” if you don’t want users to be able to invite people to that product. Organization admins and user access admins (centralized user management experience) will still be able to invite users.
Invitation options
Existing user permission | Explanation | When to use this |
|---|---|---|
Invite anyone | This is the most open invitation permission. It allows users to invite anyone from any email domain to your product. An organization admin doesn’t need to approve access for the new user. | This option is best when you trust your existing users to invite and collaborate only with the people they need to. |
Invite approved domains | Users can invite anyone from an approved domain (see Approved domains above). An organization admin doesn’t need to approve access for the new user. | This option is best when you trust existing users to add and collaborate with people from specific domains you’ve approved, as needed. |
Require admin approval | Users can’t invite anyone to your product, but they can request access to your product for themselves or on behalf of someone else. An organization admin needs to approve the request for access. | This option is best if you want to maintain control over who has access to products, but your company doesn’t have an official process in place for people to ask for access. |
Don’t allow invites | This is the most closed invitation permission. Users can’t invite anyone or request access to your product. Organization admins can still invite users. | This option is best if you want to maintain strict control over who has access to products, and your company has an internal request/provisioning process you need people to follow (for example an ITSM solution or helpdesk). |
Customize the message when users aren’t allowed to invite others
You can customize the message that users see when they try to invite people to your products, but you don’t allow invitations.
To customize the message:
Go to Atlassian Administration. Select your organization if you have more than one.
Select Products > User access settings.
Select User invites.
Enter the message you want your users to see in the Customise user invites not allowed message section.
Select Save message to confirm.
Invitation links
You can make invitation links available to give anyone access to a product. You might do this when you want to:
get your team onboarded quickly.
give contractors or clients access quickly.
When you share an invitation link, anyone can use it to join your selected product. For this reason, you should only share links with people you trust. As an added security measure, invitation links automatically expire after 30 days. Additionally, you can turn off invitation links at any time or regenerate a new link.
To generate an invitation link for a product:
Go to Atlassian Administration. Select your organization if you have more than one.
Select Products > User access settings.
Select Invitation links.
Turn on the toggle for the product you want to create an invitation link for. The link will appear below the toggle.
Copy the invitation link and share it with people you want to give access to that product to.
Turn off the toggle when you want to void the invitation link. People will no longer be able to use this invitation link to access your product.
Was this helpful?