Manage your organization’s Atlassian accounts
Gain control over your employee's Atlassian accounts.
Make Atlassian's global account model work for you
Atlassian has a global account model that makes it easy for people to access products, community resources, and support in the Atlassian ecosystem. It also allows people to log in with one account to multiple products like they can with a Google or Apple account.
The global account model allows an organization admin to administer security and provision users to products in an Atlassian organization.
What is an Atlassian account?
An Atlassian account is a unique digital identity that a person uses to access and authenticate into the Atlassian ecosystem of products and services. The account includes attributes like email address and display name.
What can a user do with an Atlassian account?
An Atlassian account exists independently of the Atlassian products a person has access to. An Atlassian account allows a user access to multiple organizations, products, and services with one set of credentials. The user’s profile settings appear consistently across all Atlassian organizations, products, and services. Learn more about Atlassian accounts
How does an account at Atlassian differ in the Data Center versus in the cloud?
With Data Center, you manage your own infrastructure, and user accounts are local. With the Atlassian cloud, we manage your infrastructure, and user accounts are global.
Local model in Data Center | Global model in the cloud |
|---|---|
You create the different accounts for each product. Users are able to log in to each product individually. Or you can enable single sign-on so they can log in from one place. | You give access to one global Atlassian account across multiple organizations and products. Users are able log in to multiple organizations and products with the same Atlassian account. |
What are Atlassian’s identity types?
An identity type gives you different security and user management controls.
Available identity types at Atlassian
There are several identity types in the Atlassian ecosystem. These are the types of identities at Atlassian that you may encounter as an organization admin.
Identity type | Description |
Managed accounts | These are Atlassian accounts. |
External users | These are Atlassian accounts.
|
Portal-only customers | These accounts are not Atlassian accounts. They only apply to Jira Service Management and not other Atlassian products. This account type is for people outside your company who seek help related to the use of your company’s products or services. |
More about external users and managed accounts
The difference between a managed account and external user is based on whether you claim the account after verifying the domain. The table shows examples of accounts that you may or may not have verified and claimed and whether they would be external or managed.
User type | From the domain verified by Acme? | Is the account claimed? | Account type |
|---|---|---|---|
User with a personal email address: personal@gmail.com | No | No | External user |
User with a company email address: unclaimed@acme.com | Yes | No | External user |
User with a company email address: claimed@acme.com | Yes | Yes | Managed account |
An Atlassian account has these identity types in the context of an organization. This means that someone can be an external user to one organization and a managed account to another organization, as shown in the illustration.
Control security and manage users for identity types
As an organization admin, you need to control the profiles and the security settings that you manage. A user’s identity type impacts its security and user management controls. Refer to the table to understand what’s available for each identity type.
Available security and user management controls
| Managed accounts | External users | Customer (portal-only) accounts |
|---|---|---|---|
How you as an organization admin manage account details and security settings | You prove your company owns the domain so you can change account details and enforce security settings. | You can’t change account details but you can enforce external user security. | You can’t change account details but you can enforce security settings.
|
How you can require users to authenticate | Apply authentication policy with security settings: single sign on, multi-factor authentication, third party log-in, or password. | Control external user access to product data in your organization. Apply external user security settings. | Apply authentication policy with security settings: single sign on and password. |
How you provision users | Set up your identity provider to sync users and groups. You can manage them from your external directory before syncing updates. This means any accounts that you create, deactivate or update from your identity provider get updated in your organization. | Set up your identity provider to sync users and groups. You can manage them from your external directory before syncing updates. Learn about supported operations
| Users can sign up for portal-only accounts or agents can create them.
|
Was this helpful?