Atlassian Access security policies and features
Atlassian Access is a subscription that you purchase for your whole company.
Atlassian Access enables visibility and security across all Atlassian accounts and products at your company. You’ll have one place to manage your users and enforce security policies so your business can scale with confidence.
When you set Atlassian Access policies and features, they apply to all your managed users with access to these cloud products:
Jira Service Desk (doesn’t apply to portal customer accounts, only Atlassian accounts)
Bitbucket (currently only supports SAML single sign-on)
Trello (currently only supports SAML single sign-on)
Statuspage (currently only supports SAML single sign-on, billed as part of Statuspage pricing not part of your Access bill)
Prerequisites for Atlassian Access
Before you can subscribe to Atlassian Access, you need to verify your domain and claim its accounts. From admin.atlassian.com, click Domains and choose how you want to verify your domain. For details, see Verify a domain for your organization.
Once you verify a domain and claim accounts, all the Atlassian accounts with email addresses from the domain become managed by your organization. Learn more about how organizations work at Atlassian organizations.
Subscribe to Atlassian Access
An Atlassian Access subscription gives you the ability to apply security policies over managed accounts with your verified domains.
To subscribe to Atlassian Access:
From your organization at admin.atlassian.com, go to any of the pages for Atlassian Access features (e.g. User provisioning, Two-step verification) and click the Learn more button.
Choose Try it free for 30 days to begin your Atlassian Access trial.
To see the number users you're paying for, go to Billing > Atlassian Access. For more billing details, read more about Pricing and billing for Atlassian Access. To get a billing estimate for Atlassian Access, check out our pricing calculator page.
Atlassian Access security features
To apply security policies to your managed accounts, you have a few options after you subscribe to Atlassian Access.
- Connect your identity provider to your Atlassian organization
- Require users to log in with two-step verification
- Check the audit log for activities that occur across your sites
- Revoke a user’s API tokens
- Gain insights into your organization
- Get support help for Atlassian Access
Connect your identity provider to your Atlassian organization
Atlassian Access includes two features for connecting your identity provider: SAML single sign-on and user provisioning.
SAML single sign-on
If you’d like your users to authenticate through your company’s identity provider when they log in to your Atlassian cloud products, you can set up SAML for single sign-on (SSO). SSO allows a user to authenticate with one set of login credentials and access multiple products during their session.
With SSO, you have a few benefits:
If self signup is enabled, we automatically create an Atlassian account for them when that user logs in for the first time with SSO.
You can set security policies from your identity provider that will apply when users log in to your Atlassian products.
Read more about SAML single sign-on.
User provisioning integrates an external user directory with your Atlassian cloud products. With user provisioning, you have a few benefits:
Automatically update the users and groups in your Atlassian organization when you make updates in your identity provider, saving you time.
When you deactivate a user in your identity provider, that use will automatically be deactivated in your Atlassian organization, giving you more security and better control over your bill.
New users automatically have access to your products as soon as they’re activated, making onboarding new employees easier.
Read more about User provisioning.
Require users to log in with two-step verification
If you don’t have an identity provider to connect to your Atlassian organization, you can enforce two step-verification for all your managed users.
Two-step verification adds a second login step to your managed users’ Atlassian accounts by requiring them to enter a 6-digit code in addition to their password when they log in. The second step helps keep their account secure even if the password is compromised, keeping your content and resources safer.
Read more about enforced two-step verification.
Check the audit log for activities that occur across your sites
The audit log tracks key activities that occur across your Atlassian organization’s sites. You can use these activities to diagnose problems with or questions about user details, group memberships, and product access
Read more about audit logging.
Revoke a user’s API tokens
You can always see the API tokens users create to perform authenticated operations with product APIs. With an Atlassian Access subscription, you can also revoke a user’s API tokens.
Read more about revoking API tokens from an individual managed account details.
Gain insights into your organization
Organization insights provide data for user and product activity across your organization. For example, you can currently view the number of active users in Jira and Confluence for a period of time. From your organization at admin.atlassian.com, select Security > Insights.
Get support help for Atlassian Access
Atlassian Access Support includes quick response time for all levels of requests related to Atlassian Access features.
Production Application Down (L1)
24 hours, 7 days a week
Serious Degradation (L2)
24 hours, 5 days a week
Moderate Impact (L3)
1 business day
9 hours, 5 days a week
Limited Impact (L4)
2 business days
9 hours, 5 days a week
You can create Atlassian Access Support requests during your 30-day trial and after you start paying for an Access subscription. To create a request:
Select Technical issues and bugs from What can we help you with?
Select Atlassian Access from Which product is this for?
Fill out the rest of the form and click Submit support request.
To learn more about Atlassian Access Support, see Atlassian Support Offerings.