Summary

A user may may encounter a 403 error when logging into Atlassian cloud via Okta.

Environment

This KB applies to organizations that have Atlassian Access configured and integrated SAML Single Sign On with Okta. 

Diagnosis

A user is attempting to authenticate via Okta to reach an Atlassian Cloud product. After submitting the credentials via the Okta login form, the error 403 App not Assigned is encountered.

Cause

The account is not permitted to use the SSO feature provided by the Okta app integration.

Solution

Grant the permission to use the SSO feature by assigning the account to the Okta app integration.

Reach out to your organization's Okta administrators to perform the following changes.

• Open the Okta administration
• Navigate to Applications > Applications
• Launch the Atlassian Cloud application integration. This should be the application that is configured for SSO with Atlassian Access. 
• Open the Assignment tab
• Assign the account encountering with 403 error to the application or add the account as a member of a group that is assigned to the application.