• Documentation

What is a default authentication policy?

Who can do this?
Role: Organization admin
Atlassian Cloud: Atlassian Guard Standard to create more than one authentication policy
Atlassian Government Cloud: Available

Your managed accounts provide you with a pool of users for authentication policies. You assign users to be members of policies.

Your organization starts with a default authentication policy. The default policy contains login settings for its members. When you provision new managed accounts, or when users' accounts are claimed with a linked domain, we add them as members to your default policy.

While users are automatically added as members to your default authentication policy, you must manually remove them if you don't want them included in an authentication policy.

Make a policy the default

To make another policy the default policy:

  1. Go to Atlassian Administration. Select your organization if you have more than one.

  2. Select Security > User security > Authentication policies.

  3. Select Edit for the policy you want to make the default.

  4. Select Make default policy in the (•••) menu.

Add a policy

To add a policy

  1. Go to Atlassian Administration. Select your organization if you have more than one.

  2. Select Security > User security > Authentication policies.

  3. Select Add policy.

  4. Select the Directory for your identity provider

  5. Name the policy.

  6. Select Settings you’d like to apply

  7. Select Update policy in the (•••) menu.

Delete a policy

Remove IDP configurations

Before you delete a policy, we recommend you ensure that any related Identity Provider (IDP) configurations such as User provisioning and SAML are removed.

To remove IDP configurations:

  1. Go to Atlassian Administration. Select your organization if you have more than one.

  2. Select Security > User security > Identity providers.

  3. Locate the associated directory and remove the User Provisioning and SAML entries.

Delete non-default policy

To delete a policy:

  1. Go to Atlassian Administration. Select your organization if you have more than one.

  2. Select Security > User security > Authentication policies.

  3. Select Edit for the policy you want to delete.

  4. Select Delete policy.

Delete default policy

You can’t delete a default policy, but you can select another policy to be the default, then delete it.

To delete a default policy:

  1. Make another policy the default policy:

    1. Go to Atlassian Administration. Select your organization if you have more than one.

    2. Select Security > User security > Authentication policies.

    3. Select Edit for the policy you want to make the default.

    4. Select Make default policy in the (•••) menu.

  2. Delete the policy that is no longer the default one:

    1. Select Security > User security > Authentication policies.

    2. Select Edit for the policy you want to delete.

    3. Select Delete policy.

What happens to users when you delete a policy?

When you delete an authentication policy, users under that policy automatically transition to a local policy where Single Sign-On (SSO) is no longer enforced. This includes deactivated users, who retain their deactivated status within your organization.

Still need help?

The Atlassian Community is here for you.
Ask the Community
On this pageMake a policy the defaultAdd a policyDelete a policyRemove IDP configurationsDelete non-default policyDelete default policyWhat happens to users when you delete a policy?
CommunityQuestions, discussions, and articles