Troubleshoot Atlassian account

Still need help?

The Atlassian Community is here for you.

Ask the community

Troubleshooting Atlassian account

This section describes problems you might have when logging in to, or using, your Atlassian account.

Unable to log in to Atlassian account using Safari on High Sierra

Possible cause Action you can take
Cookies are not allowed. (Safari on High Sierra disallows cookies by default.)
  1. Open Safari and choose Safari > Preferences from the top menu bar.
  2. Click Privacy.
  3. Clear the following check boxes:
    • Prevent cross-site tracking
    • Block all cookies
  4. You may need to restart your browser for these settings to take affect.


Unable to log in to Atlassian account using Chrome

Possible cause Action you can take
Cookies are not allowed.
  1. Open Chrome and choose > Settings from the top right of the browser. A new tab opens.
  2. Scroll down, then click Advanced.
  3. Scroll down, then click Content settings.
  4. Click Cookies.
  5. Switch on the Allow sites to save and read cookie data toggle.
  6. Switch off the Block third-party cookies toggle.
  7. If the settings don't take effect right away, restart your browser.


Unable to log in to Atlassian account using Internet Explorer

When attempting to log in to your Atlassian account using Internet Explorer you see the error message "Something has gone wrong".


Possible causes

Actions you can take

Cookies are not allowed in your computer's Internet Options.

Do either of the following:

  • Allow cookies for all sites

Click to read how...

To allow cookies for all sites:

  1. Go to Control Panel > Internet Options
  2. Click the Privacy tab
  3. Under "Settings", click Advanced
  4. Adjust your settings to accept first-party and third-party cookies:

  • Allow cookies for just Atlassian cloud sites

Click to read how...

To allow cookies for just Atlassian cloud sites:

  1. Go to Control Panel > Internet Options
  2. Click the Privacy tab
  3. Under "Settings", click Sites
  4. Allow the following sites to use cookies:
    • atlassian.com
    • atlassian.io
    • atlassian.net
    • jira.com

You should also check that the correct security level is set, as described below.

Read more about Atlassian cloud domains and IP address ranges.

The security level for the 'Internet zone' is not set properly in your computer's Internet Options.

Do either of the following:

  • Set the correct security level for all sites

Click to read how...

To set the security level for all sites:

  1. Go to Control Panel > Internet Options
  2. Click the Security tab
  3. Set the security level for the Internet zone to Medium-high:

  • Set the correct security level for just Atlassian cloud sites

Click to read how...

To set the security level for just Atlassian cloud sites:

  1. Go to Control Panel > Internet Options
  2. Click the Security tab
  3. Set the security level for Trusted sites to Medium-high:
  4. Now, while in the Trusted sites section, click the Sites button
  5. Add the following sites to the Trusted sites zone:
      • https://*.atlassian.com
      • https://ajax.googleapis.com/
      • https://cdnjs.cloudflare.com/


You should also check that cookies are allowed, as described above.

Read more about Atlassian cloud domains and IP address ranges.

Back to top

Unable to log in to Atlassian account using Firefox

Possible cause Action you can take
Cookies are not allowed.
  1. Open Firefox and choose > Preferences from the top right of the browser. A new tab opens.
  2. From the left menu, choose Privacy & Security.
  3. Look under History.
  4. In the Firefox will menu, choose Remember history.
  5. If the settings don't take effect right away, restart your browser.


Unable to log in to Atlassian account using Microsoft Edge

Possible cause Action you can take
Cookies are not allowed.
  1. Open Edge and choose . The Settings window opens. A new tab opens.
  2. Scroll down and click View advanced settings.
  3. Scroll down to Cookies.
  4. From the Cookies menu, choose Don't block cookies.
  5. If the settings don't take effect right away, restart your browser.


Invitation emails for new users to sign up with Atlassian account get lost

When creating a new user in the 'User management' screen of an Atlassian Cloud product, with Send invitation email selected, you see the 'email has been sent' message, as below, but the invitation email does not actually get sent.

Possible causes

Actions you can take

This can happen if you initially enter an invalid email address while creating the user. Although you correct the email address, or recreate the account with the correct address, the invitation does not get sent because the invalid email address has already been blocked.

Other causes can include:

  • The user's email address is not set up yet
  • The user's inbox is full
  • The mail server is down

You can do either of:

  • Wait 24 hours and try again.
  • For urgent cases, contact Atlassian Support to check on the status of the email address.

Back to top


Troubleshooting two-step verification

This section describes problems you might have when using two-step verification to log in to your Atlassian account.

Your Atlassian account won't accept your verification code, but you know you're using the right code

  • Make sure you're not entering a space
    Some authentication apps display the verification code in two segments, for example: 111 000. However, you generally want to enter your code as a single string: 111000.
  • Make sure you're looking at the code for the correct account
    Many apps allow you to add several accounts and codes in the same app and some display in the same area. Verify you're looking at the correct verification app and the correct code for your Atlassian account.
  • Make sure your phone has the correct time
    Verification codes may not work if the time for your app and phone are different. If necessary, reset your phone's clock and then try to access your account again.

If you've tried everything in this list, log in with your emergency recovery key. 

You've replaced your phone, or want to start using a different verification app

Disable two-step verification, then enable two-step verification again on your new phone or verification app.

Your emergency recovery key doesn't work or you've lost it

  • Make sure it's not an old emergency recovery key. You may have already used that one previously and have your newest one saved elsewhere.
  • Contact support to get back into your account. Support will send an email to the email address associated with your Atlassian account. Once you respond to the email, we'll be able to disable two-step verification so that you can get back into your account.

You log in with Google or SAML single sign-on

You can't use two-step verification. We recommend that you use Google's 2-Step Verification or your SAML provider's equivalent.

If you can choose between logging in with Google and an Atlassian account password, then you can enable two-step verification. However, we'll only request a verification code when you log in with an Atlassian account password, not when logging in with Google.


Troubleshooting single sign-on with SAML

This section describes problems you might have when using single sign-on with SAML to log in to your Atlassian account.

If you see errors from your identity provider, use the provider's support and tools rather than Atlassian Support.

Users can't access my site

If you're users are unable to access your site because of a SAML configuration error:

  1. Go to your Atlassian account login screen, click Having trouble logging in? and follow the prompts. We'll send you an email with a magic link that lets you log in instantly.
  2. Go to the Administration area of your Atlassian Cloud site to fix or disable SAML for the rest of your users.
  3. If you're still having trouble, delete the SAML configuration to go back to password authentication with Atlassian account.

    If you delete the SAML configuration, you can invalidate all your users' passwords in the password policy screen, which will prompt users to go through the password reset process.

  4. If users are still having issues authenticating to the instance, turn off Single sign-on for Atlassian account. All end-users who successfully went through migration will receive an email to reset their password. This final process takes you right back to where you were originally. This is a last resort, as we'd like to help resolve any issues before it comes to this point. 

When raising support tickets, please include the SAMLRequest and SAMLResponse payloads, obtained from the SAML Tracer Firefox add-on. This helps us more quickly identify potential causes of issues.


SAML error messages

The following table lists the error messages related to SAML problems:

Errors

Possible issues

A plain error screen with no Atlassian branding.

You might have network connectivity issues with your IdP. Try refreshing the page.

An error screen for your IdP.

You might have an issue with your IdP configuration, e.g. a user may not be able to access the Atlassian product from the IdP. Raise a ticket with your IdP to fix the issue.

"Your email address has changed at your Identity Provider. Ask your administrator to make a corresponding change on your Atlassian products."

A known issue with the SAML Beta. You'll soon be able to change the email addresses of your managed accounts from User management.

"We weren't able to log you in, but trying again will probably work."

SAML configuration was disabled for the user during the login process. Verify the SAML configuration and try again.

  • "We were expecting you to arrive with a different Identity Provider Entity Id. Ask your administrator to check the Atlassian configuration of SAML. You had xxx; but we were expecting xxx."

  • "Invalid issuer in the Assertion/Response"

The IdP Entity Id in the SAML configuration of your Atlassian Cloud site administration may be incorrect. Verify that you're using the correct Entity Id and try again.

"xxx is not a valid audience for this Response"

The Service Provider Entity Id in the IdP SAML configuration may be incorrect. Verify that you're using the correct Entity Id and try again.

"The response was received at xxx instead of xxx"

The Service Provider Assertion Consumer Service URL in the IdP SAML configuration may be incorrect. Verify that you're using the correct URL and try again.

"The authenticated email address we were expecting was 'xxx', but we received 'xxx'. Please ensure they match exactly, including case sensitivity. Contact your administrator to change your email to match."

The user tried to log in to the IdP with an email address different from their Atlassian account email address. Verify that the user is logging in with the correct email address. Email addresses are also case sensitive.

  • "We were expecting an email address as the Name Id, but we got xxx. Please ask your administrator to check that Name Id is mapped to email address."

  • "We were expecting an email address as the Name Id, but didn't get one. Please ask your administrator to check that Name Id is mapped to email address."

  • "We were expecting a user ID, but didn't get one. Please ask your administrator to check that user ID is populated in the response. See the configuration and troubleshooting guide below."

  • "Unsupported SAML Version."

  • "Missing ID attribute on SAML Response."

  • "SAML Response must contain 1 Assertion."

  • "Invalid SAML Response. Not match the saml-schema-protocol-2.0.xsd"

  • "Invalid decrypted SAML Response. Not match the saml-schema-protocol-2.0.xsd"

  • "Signature validation failed. SAML Response rejected"

  • "No Signature found. SAML Response rejected"

  • "The Assertion of the Response is not signed and the SP requires it"

  • "The attributes have expired, based on the SessionNotOnOrAfter of the AttributeStatement of this Response"

  • "There is an EncryptedAttribute in the Response and this SP not support them"

  • "Timing issues (please check your clock settings)"

  • "The Response has an InResponseTo attribute: xxx while no InResponseTo was expected"

  • "The InResponseTo of the Response: xxx does not match the ID of the AuthNRequest sent by the SP: xxx"

You're most likely using an unsupported IdP. Verify your IdP configuration by making sure you've done the following:

  1. The IdP can return email as the NameId.

  2. A user Id is mapped as a SAML attribute.

  3. The SAML responses are signed and not encrypted.

  4. The IdP's time is synchronised with NTP.

Last modified on Apr 26, 2018

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.