Manage your organization’s Atlassian accounts
Gain control over your employee's Atlassian accounts.
Control how users get access to products
You must be an organization admin to change or update these user access settings.
This page covers the settings that control how users get access to products in your organization.
Users with product access also have organization access. Each user that joins your organization takes up a license seat for each of the products they have access to. If you go over the number of users in your plan, we'll let you know by email.
Approved domains
Approve your domains to help users access your products quickly. You might want to use this to:
Approve your company domain so onboarding is easier for your employees.
Approve client domains so they can always get access.
To manage approved domains:
Go to admin.atlassian.com. Select your organization if you have more than one.
Select Products > User access settings > Approved domains.
Select Add domain, and enter your domain URL.
Under the Product role column next to your chosen product, select from the following options:
None: Assigns no product role, meaning users won’t have access to your product.
User: Allows users to access your selected product when they are logged in to an account with your domain.
Customer: Assigns the customer role to users who access your Jira Service Management help center. They need to be logged in to an account with your domain. Learn more about Jira Service Management customer accounts
(Optional) Select the Required checkbox in the Admin approval column. This setting requires an organization admin to approve access requests before a user can join the product. Learn more about access requests
For Notify org admins, select one of the following:
When users get access: Organization admins get an email every time a new user joins.
Only when users need admin approval: Organization admins only get an email when product access is requested.
Users on approved domains:
Must create an Atlassian account before logging in to your products.
Can view your products from specific Join Product locations, such as start.atlassian.com
Can join your selected products with or without an invitation.
Must verify their account every 6 months.
Customers on approved domains (Jira Service Management only):
Must create an Atlassian account before accessing your help center.
Can join your selected help center with or without an invitation.
Must verify their account every 6 months.
User invites
Control how existing users in your organization invite new people to your products. Learn how product access works
To enable user invites:
Go to admin.atlassian.com. Select your organization if you have more than one.
Select Products > User access settings.
Select User invites.
Select an option from the Existing user permissions column next to your selected product.
Existing user permissions
Here’s an explanation of each user permission setting and when you may want to use it:
Existing user permission | How it works |
|---|---|
Invite anyone | This is the most open invite permission. It allows your existing users to freely invite anyone to your product with any email domain. An organization admin doesn’t need to approve this. Anyone can request access to your product. An organization admin needs to approve the request. When to use it This option is best when you trust your existing users to invite and collaborate only with the people they need to. |
Invite approved domains | Existing users can invite anyone with an email domain you have approved (see Approved domains above). An organization admin doesn’t need to approve this. Anyone can still request access to your product, regardless of their domain. An organization admin needs to approve the request. When to use it This option is best when you trust existing users to add and collaborate with people from specific domains you’ve approved, as needed. |
Require admin approval | Existing users can’t invite anyone to your product, regardless of your approved domain settings. Anyone can still request access to your product for themselves or on behalf of someone else. An organization admin needs to approve the request. When to use it This option is best if you want to maintain control over who has access to products, but your company doesn’t have an official process in place for people to ask for access. |
Don’t allow invites | This is the most locked down permission setting. No one can invite anyone or request access to your product, regardless of your approved domain settings. When to use it This option is best if you want to maintain strict control over who has access to products, and your company has an internal request/provisioning process you need people to follow (for example an ITSM solution or helpdesk). |
Invitation links
Anyone can use invitation links to get access to your organization and start using a specific product. This is useful if you:
Want to get your team onboarded quickly.
Work with contractors or clients who need fast access.
Once you have shared an invitation link, anyone can use it to join your selected product. For this reason, you should only share links with people you trust. As an added security measure, links automatically expire after 30 days. To render old links invalid before the 30 day expiry period, you can turn off invitation links at any time or regenerate a new link.
To send an invitation link to someone:
Go to admin.atlassian.com. Select your organization if you have more than one.
Select Products from the header.
From the left side of the page, select User access settings > Invitation links.
Select the toggle for the product you want to create an invitation link for. The link will appear below the toggle. Users with the link will land in the product selected.
Copy the invitation link and share it with users you want to give product access to.
Users who join via invitation links are added to the default access groups for that product. Learn about default groups and permissions
Was this helpful?