Atlassian Access provides enterprise-grade security and management capabilities for administrators of Atlassian cloud tools. Atlassian customers can use Access to centralize security and governance across their entire organization. With features including SAML single sign-on, user provisioning, enforced two-step verification, and an organization audit log, Access lets organizations unify user and policy management, enhance security and compliance, and streamline lifecycle management.
How Access works
Access allows companies to establish control of and apply security policies to all accounts using their domain for Atlassian cloud products, including Jira Software, Jira Service Management, Confluence, Bitbucket, Trello.
When companies set up Access for the first time, they create an Organization, which is a management layer that gives admins the ability to view and apply controls to all Atlassian accounts using an email address belonging to their company.
Once a company has set up an Organization, they can verify their domain, bringing all Atlassian accounts using email addresses from their owned domains under their control.
With your organization created and your domain verified, you can now utilize Atlassian Access to standardize security and centralize administration across all users in your organization.
Access acts as a bridge between Atlassian tools and the company’s existing management software. Access integrates with industry-leading identity and security products like Okta, Idaptive, Google Cloud Identity, Azure AD, and Onelogin for SAML single sign-on and automated user provisioning.
If users don't yet have an identity provider to connect Atlassian Access to, they can also set up enforced two-step verification.
Access also provides admins with full visibility into important activity data through an organization audit log as well as product adoption data through organization insights.
Who does Access benefit
For admins, the task of managing users at scale becomes a matter of ease, as users are automatically provisioned and deprovisioned as they are added, moved, or removed from groups in the organization’s identity provider.
For security teams, ensuring organizational compliance with policies is simplified, with SAML single sign-on, enforced two-step verification, and API token controls.
For employees already using Atlassian cloud products, access to their Atlassian tools becomes even easier, and they don't have to remember yet another password.
For new hires, day 1 becomes much smoother, with a seamless onboarding flow that gives them all the tools they need.
Who should use Access
Access is great for companies that:
Want an additional layer of security
Need help with administration at scale
Seek deeper insight into their organization's use of tools
Work in regulated industries, like healthcare and finance
What Access includes
Access provides enterprise-grade security and administration features, including:
SAML single sign-on (SSO) allows your users to authenticate to Atlassian cloud products through your company's existing identity provider. This means they can access multiple tools with the same set of credentials.
With user provisioning and de-provisioning, access to Atlassian cloud products will be defined by rules set in your external directory. Onboarding and offboarding of users happens automatically whenever a user is added or removed from your external directory.
The organization audit log is a comprehensive log of the activities that take place across all of the Atlassian cloud tools used within your organization. Admins gain insight into the who, what and when of product activity.
Enforce that users in you organization turn on two-step verification in order to log in and access their Atlassian cloud products, in order to keep their account secure even if their password is compromised.
Set different authentication settings based on the subset of users and test functionality, such as the SAML configuration for SSO, on a small number of users before releasing it to the whole organization.
Advance security monitoring and threat protection at scale by connecting Atlassian Access to a CASB, such as McAfee MVISION Cloud, for a centralized view of all Atlassian cloud products and across other cloud services.
API tokens allow a user to authenticate with cloud apps and bypass two-step verification and SSO, and retrieve data from the instance through REST APIs. Token controls allow admins to view, and if necessary, revoke the use of API tokens by their managed accounts.
Prerequisites for Access
In order to use Access, a company must:
Set up an Atlassian Organization
Verify their domain, which requires them to be able to make changes to their web domain’s DNS or HTTPS settings.
Be ready to coordinate with other Atlassian stakeholders in their organization for a company-wide implementation of Access.