An overview of Atlassian Access

An overview of Atlassian Access

Observatory

About Atlassian Access


Atlassian Access provides enterprise-grade security and management capabilities for administrators of Atlassian cloud tools. Atlassian customers can use Access to centralize security and governance across their entire organization. With features including SAML single sign-on, user provisioning, enforced two-step verification, and an organization audit log, Access lets organizations unify user and policy management, enhance security and compliance, and streamline lifecycle management.

How Access works


Access allows companies to establish control of and apply security policies to all accounts using their domain for Atlassian cloud products, including Jira Software, Jira Service Desk, Confluence, Bitbucket, Trello. 

When companies set up Access for the first time, they create an Organization, which is a management layer that gives admins the ability to view and apply controls to all Atlassian accounts using an email address belonging to their company.

Once a company has set up an Organization, they can verify their domain, bringing all Atlassian accounts using email addresses from their owned domains under their control.

With your organization created and your domain verified, you can now utilize Atlassian Access to standardize security and centralize administration across all users in your organization. 

Access acts as a bridge between Atlassian tools and the company’s existing management software. Access integrates with industry-leading identity and security products like Okta, Idaptive, Google Cloud Identity, Azure AD, and Onelogin for SAML single sign-on and automated user provisioning. 

If users don't yet have an identity provider to connect Atlassian Access to, they can also set up enforced two-step verification.

Access also provides admins with full visibility into important activity data through an organization audit log as well as product adoption data through organization insights. 

Overview diagram of Atlassian Access

Who does Access benefit


For admins, the task of managing users at scale becomes a matter of ease, as users are automatically provisioned and deprovisioned as they are added, moved, or removed from groups in the organization’s identity provider.

For security teams, ensuring organizational compliance with policies is simplified, with SAML single sign-on, enforced two-step verification, and API token controls.

For employees already using Atlassian cloud products, access to their Atlassian tools becomes even easier, and they don't have to remember yet another password.

For new hires, day 1 becomes much smoother, with a seamless onboarding flow that gives them all the tools they need.

Who should use Access


Access is great for companies that:

  • Want an additional layer of security
  • Need help with administration at scale
  • Seek deeper insight into their organization's use of tools
  • Work in regulated industries, like healthcare and finance

What Access includes


Access provides enterprise-grade security and administration features, including:

SAML single sign-on

SAML single sign-on (SSO) allows your users to authenticate to Atlassian cloud products through your company's existing identity provider. This means they can access multiple tools with the same set of credentials.

User provisioning and de-provisioning

With user provisioning and de-provisioning, access to Atlassian cloud products will be defined by rules set in your external directory. Onboarding and offboarding of users happens automatically whenever a user is added or removed from your external directory.

Organization audit log

The organization audit log is a comprehensive log of the activities that take place across all of the Atlassian cloud tools used within your organization. Admins gain insight into the who, what and when of product activity.

Enforced two-step verification

Enforce that users in you organization turn on two-step verification in order to log in and access their Atlassian cloud products, in order to keep their account secure even if their password is compromised.

CASB integrations

Advance security monitoring and threat protection at scale by connecting Atlassian Access to a CASB, such as McAfee MVISION Cloud, for a centralized view of all Atlassian cloud products and across other cloud services.

API token controls

API tokens allow a user to authenticate with cloud apps and bypass two-step verification and SSO, and retrieve data from the instance through REST APIs. Token controls allow admins to view, and if necessary, revoke the use of API tokens by their managed accounts.

Prerequisites for Access


In order to use Access, a company must:

  • Set up an Atlassian Organization
  • Verify their domain, which requires them to be able to make changes to their web domain’s DNS or HTTPS settings.
  • Be ready to coordinate with other Atlassian stakeholders in their organization for a company-wide implementation of Access.