Atlassian cloud application
You must be signed in as a super administrator for this task.
Using Security Assertion Markup Language (SAML), your users can use their Google Cloud credentials to sign in to enterprise-cloud applications.
Set up SSO via SAML for Atlassian Cloud
Here's how to set up single sign-on (SSO) via SAML for the Atlassian Cloud® application.
Step 1: Set up Google as a SAML identity provider (IdP)-
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
-
From the Admin console Home page, go to Apps
SAML apps.
To see Apps on the Home page, you might have to click More controls at the bottom.
- Click the plus (+) icon at bottom right.
- Locate and click Atlassian Cloud in the application list.
- On the Google IDP Information page:
- Copy and save the SSO URL and Entity ID.
- Download the Certificate.
- Click Next.
The Basic information window shows the Application name and Description seen by users.
- Click Next.
- On the Service Provider Details page, edit the Start URL, replacing {your‑site} with your domain name.
- Click Next.
- On the Attribute Mapping page, set the Select category and Select user field values as follows for the listed attributes:
Application attribute Select category Select user field http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname Basic Information First Name http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname Basic Information Last Name http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn Basic Information Primary Email - Click Finish.
- Open a new incognito browser window.
- Sign in to https://id.atlassian.com/login with your organization's Atlassian Cloud administrator account.
- From the global sidebar, navigate to Settings > User Management > Authentication > SAML.
- (Optional) If the domain you're using with your Atlassian Cloud account has not been verified, click Domains in the sidebar and follow the steps to add and verify your domain.
- On the SAML page, enter the SSO URL and Entity ID values you copied in Step 1 into the respective fields.
- Paste the certificate you downloaded in Step 1 into the Public x509 certificate field.
- Click Save configuration.
-
Sign in to your Google Admin console.
Sign in using your administrator account (does not end in @gmail.com).
-
From the Admin console Home page, go to Apps
SAML apps.
To see Apps on the Home page, you might have to click More controls at the bottom.
- Select Atlassian Cloud.
-
At the top right of the gray box, click Edit Service
.
-
To turn on or off a service for everyone in your organization, click On for everyone or Off for everyone, and then click Save.
-
To turn on or off a service only for users in an organizational unit:
- At the left, select the organizational unit.
- Select On or Off.
- To keep the service turned on or off even when the service is turned on or off for the parent organizational unit, click Override.
- If the organization's status is already Overridden, choose an option:
- Inherit—Reverts to the same setting as its parent.
- Save—Saves your new setting (even if the parent setting changes).
Learn more about organizational structure.
- Ensure that your Atlassian Cloud user account email IDs match those in your Google domain.
- Close all browser windows.
- Open https://{your_site}.atlassian.net and attempt to sign in. You should be automatically redirected to the Google sign in page.
- Enter your sign in credentials.
- After your sign in credentials are authenticated, you are automatically redirected back to Atlassian Cloud.