User management differences in cloud and server
FAQs about migrating to Jira or Confluence Cloud
- Get started with your cloud migration
- Determine your migration timeline
- Atlassian cloud and migrations roadmap
- Cloud data hosting regions
- Cloud uptime guarantees and SLAs
- Migrate your apps from server to cloud
- Use a self-hosted evaluation license to move to cloud
- Cloud academic and community pricing discounts
- Transfer your self-hosted license to cloud
- Compare server and cloud costs for Jira and Confluence
- Differences between Jira and Confluence server and cloud
- Free trials for cloud migration
- Understand costs of switching to cloud
- Costs for Atlassian Access
- Use LDAP and ADFS with Atlassian’s cloud products
- How to contact migration support
- User management differences in cloud and server
- Check your anonymous access settings
On this page
- No related content found
Still need help?
The Atlassian Community is here for you.
|description||Learn how user management works in Atlassian cloud, and what alternatives there are to Crowd.|
There are a few fundamental differences to understand between deployments:
For server, Crowd Server can act as your remote directory (similar to AD) and allows you to provide SSO across multiple Atlassian server products.
For Data Center, Crowd Data Center can also act as your remote directory (similar to AD). You can also use Crowd's SSO or connect your Data Center products directly to an external identity provider.
For cloud, users can use a single Atlassian account to log in to all cloud apps. You can then connect Atlassian accounts to an external IdP with SAML SSO and user provisioning (SCIM) via a subscription to Atlassian Access.
Crowd in cloud
We've designed identity and user management in Atlassian cloud products with native cloud standards top of mind. Since Crowd was designed for on-premises software, it's not available for our cloud products.
Instead, Atlassian Access offers enterprise-grade security and centralized administration across all your Atlassian cloud products.
Server user management
By default, users have a different account for each one of your company's Atlassian server products (although often peoples' usernames and passwords are the same across products). Alternatively, you can use Atlassian Crowd to provide single sign on between multiple server products.
For each server product, you can manage users and groups from the product's internal directory, an Active Directory or LDAP server. With Atlassian's Data Center products, you can delegate authentication to a third-party provider via SSO.
Cloud user management
With our cloud products, you can create an organization and verify your domains, which will give you a centralized view of all users at your company, across all our products. From there, you can subscribe to Atlassian Access to configure SAML SSO with an identity provider like Okta, Azure AD, Active Directory Federated services, Google Cloud, or more.
User provisioning allows you to sync users and groups from those identity providers to your Atlassian cloud products. If you're using an on-premises LDAP directory or Active Directory, all of our supported identity providers offer connectors to those local directories.
In cloud, each user has a single Atlassian account tied to their email address that they can use to access any Atlassian cloud product (including any Jira or Confluence cloud site). When you invite users to your Jira or Confluence site, they'll get access to the products you specify, either with an already existing Atlassian account or by creating one.
Individual users own their accounts by default. If you want more control over their accounts, verify that you own the domain with their email address to claim their accounts, which transfers ownership of the account from individual users to the organization that has claimed the domain. This gives company admins the ability to modify, deactivate, and delete their accounts.
Site administrators can control which Atlassian accounts have access to the individual products on that site, but cannot modify the accounts themselves.
Organization admins that have a verified domain have full control over the accounts of users in their company, across all sites and services. Building on this, you can subscribe to Atlassian Access and configure user provisioning and SAML single sign-on with your identity provider and an external directory if you have one.
More information and support
We have a number of channels available to help you with your migration.
- For more migration planning information and FAQs, visit the Atlassian Cloud Migration Center.
- Have a technical issue or need more support with strategy and best practices? Get in touch.
- Looking for peer advice? Ask the Atlassian Community.
- Want expert guidance? Work with an Atlassian Partner.
- No related content found