Hi,
We currently use two different Jira instances: one with our parent company, who just acquired us, and our instance. The problem is that when we move back and forth between instances, there is a caching issue and it won't allow you to log in. It takes you to a "request to be added" page instead. The fix is to close out the browser and clear the cache.
Parent company - Uses Okta to sign into Atlassian
Our company - Uses myapplications.microsoft to sign in
If anybody has experienced this before and has any suggestions, please let me know. Thanks in advance.
Hello,
This sounds more like two different email addresses being needed to log in to these two instances.
Since there are two Identity Providers, and login seems to work with each one individually – there are two different SAML SSO connections in the backend, and for this to even be possible two different Atlassian Access organisations must have been set up – which means there are indeed two different verified email domains in the picture.
So being logged in to one instance via the respective IdP using email from domain1, then navigating to the other will treat you as an unknown user (to this instance). Clearing your cache merely clears your Atlassian ID cookies, so you can then log in via the other IdP with a different email from domain2, thus getting into a user profile known to this instance.
Is this what's happening? Are you logging in with Atlassian accounts using different emails?
Since two Atlassian Accounts already exist in Cloud, they need to be merged – this is really a question for Atlassian Support as this is completely their internal kitchen.
Once merged on the Atlassian side the question remains whether you have to continue to use two different IdPs.
If you can't move to the same IdP, the SAML connection on one of the IdPs has to be reconfigured to push the email address from the other email domain as the user identifier to the Cloud, i.e. regardless of the email from domain1 being entered at the Atlassian login to trigger the trip to IdP1, it's the email from domain2 that will be given by the IdP1 to Cloud, so you will magically log in to the same Atlassian Account.
Once accounts are merged it is possible to push these "new" emails from the IdP in bulk via User Provisioning, assuming yours is configured correctly with the matching attribute set to the Object ID (or equivalent) and not email or UPN.
That is a great response and yes you are correct about our setup with two domains/emails. Thank you for this response and this will help with moving forward.
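The NameID reconfiguration described in the answer can be checked by comparing the subject each IdP asserts for the same person. The following is an added example, not code from the thread or from Atlassian. The issuer URLs, domains and user name are constructed placeholders, and the assertions are stripped-down and unsigned, so this is a diagnostic on captures you already trust, not a validator.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL_FORMAT = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"

# Constructed template: a minimal, unsigned assertion for illustration only.
TEMPLATE = (
    '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
    "<saml:Issuer>{issuer}</saml:Issuer>"
    '<saml:Subject><saml:NameID Format="{fmt}">{name_id}</saml:NameID></saml:Subject>'
    "</saml:Assertion>"
)

def make_assertion(issuer, name_id, fmt=EMAIL_FORMAT):
    """Build a constructed sample assertion (hypothetical helper)."""
    return TEMPLATE.format(issuer=issuer, name_id=name_id, fmt=fmt)

def subject_of(assertion_xml):
    """Return (issuer, NameID, Format) from a decoded assertion.
    Diagnostic only: no signature or condition checks are performed."""
    root = ET.fromstring(assertion_xml)
    issuer = root.findtext("saml:Issuer", namespaces=NS)
    node = root.find("saml:Subject/saml:NameID", NS)
    if not issuer or node is None or not (node.text or "").strip():
        raise ValueError("assertion lacks Issuer or Subject/NameID")
    return issuer.strip(), node.text.strip(), node.get("Format", "")

def compare_idps(assertion_a, assertion_b):
    """Report whether two IdPs identify the user with the same email NameID."""
    a, b = subject_of(assertion_a), subject_of(assertion_b)
    problems = []
    for issuer, name_id, fmt in (a, b):
        if fmt != EMAIL_FORMAT or name_id.count("@") != 1:
            problems.append(f"{issuer}: NameID is not an email address")
    if a[1] != b[1]:  # exact match; a case difference is reported as a mismatch
        problems.append(f"NameID mismatch: {a[1]} vs {b[1]}")
    return {"same_account": not problems, "problems": problems}

# Constructed sample values: issuers, domains and user are placeholders.
IDP1 = "https://idp1.example/saml"
IDP2 = "https://idp2.example/saml"
BEFORE = compare_idps(make_assertion(IDP1, "jane@domain1.example"),
                      make_assertion(IDP2, "jane@domain2.example"))
AFTER = compare_idps(make_assertion(IDP1, "jane@domain2.example"),
                     make_assertion(IDP2, "jane@domain2.example"))

if __name__ == "__main__":
    print("before reconfiguration:", BEFORE)
    print("after reconfiguration: ", AFTER)
```

`BEFORE` models the situation in the question (each IdP asserts an email from its own domain), and `AFTER` models IdP1 reconfigured to send the domain2 address.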