Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Okta SSO to Confluence Cloud - Existing Users

Steven Dracker
Steven Dracker
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
September 15, 2020

We are planning to integrate our Confluence Cloud site with our Okta SSO. We want to make sure that existing users that are logging in with the Native Confluence authentication are properly mapped to their new Okta accounts. We also do not want ALL users who access Confluence to require an Okta login. Only a certain group of users.

 

  • Will turning on Okta SSO for Confluence require that ALL users need an Okta account or can we maintain a group of SSO users and a group who log in with native authentication?
  • Can existing user accounts in Confluence be mapped to an Okta user identity so we do not have a problem with duplicate accounts or orphaned content ownership?

Thanks

Answer
Watch
Like Be the first to like this
468 views

1 answer

0 votes
Kristina Radeva
Kristina Radeva
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 17, 2020

1. When you turn on Okta SSO, all users which get imported will require an Okta sign-in. Once you create the SSO, all your directory with synced used will require Okta to sign in, but they will not be kicked out of their native authentication yet. So everybody will remain logged in and the SSO transition will be seamless.

2. Yes, they can be mapped. Please bear in mind that anybody with a main account and an alias in Confluence will need to manually be mapped. (Example: firstname.lastname@company.com is their primary Okta email but their Confluence account is mapped to firstname@company.com. Then they need to be manually mapped in Okta to their firstname@company.com, otherwise the SSO will instantly create a second duplicated account and trust me, there will be a lot of confusion around it!)

Anybody who you manually invite in Confluence via the Admin panel can still log in with email/password, since there is no way to enforce SSO in Atlassian. 

I haven't had any problem inviting external contractors to our domain. 

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.