Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is it possible to apply specific policies to Jira product access by users from the same domain?

Chris Jones
Chris Jones
Contributor
July 13, 2025

 Objective:

  1. Users in policy 1 may be either a Jira user or a JSM customer
  2. Users in policy 2 may only be a JSM customer

All users in the domain are managed. The difference between the policies is that 1 requires SSO while 2 does not.

Answer
Watch
Like Be the first to like this
103 views

1 answer

0 votes
Wojciech Miecznikowski
Wojciech Miecznikowski July 13, 2025

Hello Chris!

Functionality dedicated to handle that is Authentication policies (in security). There you can assign people to policies and achieve your goal, but I expect that your problem is a little bit more complex and you want to do it automatically :). At the moment, unfortunately, you are not in a position to do this through groups, so there is no quick and easy method - you can have a problem with every new user.

If you really need to do it, then you can use RestAPI and trigger this from some place (for example from Entra ID for every new user).
https://developer.atlassian.com/cloud/admin/control/rest/api-group-authentication-policies/#api-admin-control-v1-orgs-orgid-auth-policy-policyid-add-users-post

Here is the useful link: https://jira.atlassian.com/browse/ACCESS-1905 (and a lot of linked work items).

I hope it is useful.

Regards

View More Comments
Chris Jones
Chris Jones
Contributor
July 16, 2025

thanks @Wojciech Miecznikowski I am able to assign users to the policies ok. And at Products \ User access settings \ Approved domains I can allow users to request access i.e. a licence with admin approval, and provide access as a JSM customer. That's all ok.

The members of mydomain.com will be assigned one of two policies:

  1. Policy 1: Requires SSO
  2. Policy 2: Does not require SSO

I want to make sure that "users" have policy 1 assigned, while only customer access is provided to members of policy 2.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Atlassian logo
Atlassian Guard
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security