Merge pull request #224672 from bhavana-129/atlasian-cloud-updtes

Product Backlog Item 2323533: SaaS App Tutorial: Atlassian Cloud Update

Author: PMEds28

articles/active-directory/saas-apps/atlassian-cloud-tutorial.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: saas-app-tutorial
 ms.workload: identity
 ms.topic: tutorial
-ms.date: 01/06/2023
+ms.date: 01/23/2023
 ms.author: jeedes
 ---
 # Tutorial: Azure Active Directory SSO integration with Atlassian Cloud
@@ -49,7 +49,7 @@ To configure the integration of Atlassian Cloud into Azure AD, you need to add A
 1. In the **Add from the gallery** section, type **Atlassian Cloud** in the search box.
 1. Select **Atlassian Cloud** from results panel and then add the app. Wait a few seconds while the app is added to your tenant.
 
-Alternatively, you can also use the [Enterprise App Configuration Wizard](https://portal.office.com/AdminPortal/home?Q=Docs#/azureadappintegration). In this wizard, you can add an application to your tenant, add users/groups to the app, assign roles, as well as walk through the SSO configuration as well. You can learn more about O365 wizards [here](/microsoft-365/admin/misc/azure-ad-setup-guides?view=o365-worldwide&preserve-view=true).
+Alternatively, you can also use the [Enterprise App Configuration Wizard](https://portal.office.com/AdminPortal/home?Q=Docs#/azureadappintegration). In this wizard, you can add an application to your tenant, add users/groups to the app, assign roles, as well as walk through the SSO configuration as well. You can learn more about Microsoft 365 wizards [here](/microsoft-365/admin/misc/azure-ad-setup-guides?view=o365-worldwide&preserve-view=true).
 
 ## Configure and test Azure AD SSO
 
@@ -58,8 +58,8 @@ Configure and test Azure AD SSO with Atlassian Cloud using a test user called **
 To configure and test Azure AD SSO with Atlassian Cloud, perform the following steps:
 
 1. **[Configure Azure AD with Atlassian Cloud SSO](#configure-azure-ad-with-atlassian-cloud-sso)** - to enable your users to use Azure AD based SAML SSO with Atlassian Cloud.
-    1. **[Create an Azure AD test user](#create-an-azure-ad-test-user)** - to test Azure AD single sign-on with B.Simon.
-    1. **[Assign the Azure AD test user](#assign-the-azure-ad-test-user)** - to enable B.Simon to use Azure AD single sign-on.
+   1. **[Create an Azure AD test user](#create-an-azure-ad-test-user)** - to test Azure AD single sign-on with B.Simon.
+   1. **[Assign the Azure AD test user](#assign-the-azure-ad-test-user)** - to enable B.Simon to use Azure AD single sign-on.
 1. **[Create Atlassian Cloud test user](#create-atlassian-cloud-test-user)** - to have a counterpart of B.Simon in Atlassian Cloud that is linked to the Azure AD representation of user.
 1. **[Test SSO](#test-sso)** - to verify whether the configuration works.
 
@@ -75,23 +75,19 @@ Follow these steps to enable Azure AD SSO in the Azure portal.
 
     ![Setup configuration](common/setup-sso.png)
 
-1. If you want to setup Atlassian Cloud manually, log in to your Atlassian Cloud company site as an administrator and perform the following steps.
+1. If you want to set up Atlassian Cloud manually, log in to your Atlassian Cloud company site as an administrator and perform the following steps.
 
-1. Before you start go to your Atlassian product instance and copy/save the Instance URL.
-   > [!NOTE]
-   > URL should fit `https://<INSTANCE>.atlassian.net` pattern.
+1. In the **ATLASSIAN Admin** portal, navigate to **Security** > **Identity providers** > **Microsoft Azure AD**.
 
-   ![Instance Name](./media/atlassian-cloud-tutorial/instance.png)
+   ![Screenshot shows the Instance Profile Name.](./media/atlassian-cloud-tutorial/name.png "Profile")
 
-1. Open the [Atlassian Admin Portal](https://admin.atlassian.com/) and click on your organization name.
+1. Enter the **Directory name** and click **Add** button.
 
-   ![Admin Portal](./media/atlassian-cloud-tutorial/organization.png)
+   ![Screenshot shows the Directory for Admin Portal.](./media/atlassian-cloud-tutorial/directory.png "Add Directory")
 
-1. You need to verify your domain before going to configure single sign-on. For more information, see [Atlassian domain verification](https://confluence.atlassian.com/cloud/domain-verification-873871234.html) document.
+1. Select **Set up SAML single sign-on** button to connect your identity provider to Atlassian organization.
 
-1. In the **ATLASSIAN Admin** portal, navigate to **Security** tab, select **SAML single sign-on** and click **Add SAML configuration**.
-
-   ![Security](./media/atlassian-cloud-tutorial/admin.png)
+   ![Screenshot shows the Security of identity provider.](./media/atlassian-cloud-tutorial/provider.png "Security")
 
 1. In the Azure portal, on the **Atlassian Cloud** application integration page, find the **Manage** section and select **Set up single sign-on**.
 
@@ -107,35 +103,33 @@ Follow these steps to enable Azure AD SSO in the Azure portal.
 
    ![Single Sign-On](./media/atlassian-cloud-tutorial/configure.png)
 
-   b. Copy **Login URL** value from Azure portal, paste it in the **Identity Provider SSO URL** textbox in Atlassian.
+   b. Copy **Login URL** value from Azure portal, paste it in the **Identity provider SSO URL** textbox in Atlassian.
 
-   c. Copy **Azure AD Identifier** value from Azure portal, paste it in the **Identity Provider Entity ID** textbox in Atlassian.
+   c. Copy **Azure AD Identifier** value from Azure portal, paste it in the **Identity provider Entity ID** textbox in Atlassian.
 
    ![Identity Provider SSO URL](./media/atlassian-cloud-tutorial/configuration-azure.png)
 
-   ![Entity id](./media/atlassian-cloud-tutorial/login.png)
+   ![Screenshot shows the Configuration values.](./media/atlassian-cloud-tutorial/metadata.png "Azure values")
 
 1. On the **Set up Single Sign-On with SAML** page, in the **SAML Signing Certificate** section, find **Certificate (Base64)** and select **Download** to download the certificate and save it on your computer.
 
    ![signing Certificate](./media/atlassian-cloud-tutorial/certificate.png)
 
-   ![Certificate 1](./media/atlassian-cloud-tutorial/certificate-download.png)
+   ![Screenshot shows the Certificate in Azure.](./media/atlassian-cloud-tutorial/entity.png "Add Details")
 
-1. **Add** and **Save** the SAML Configuration in Atlassian.
+1. Save the SAML Configuration and click **Next** in Atlassian.
 
 1. On the **Basic SAML Configuration** section, perform the following steps.
 
-   a. Copy **SP Entity ID** value from Atlassian, paste it in the **Identifier (Entity ID)** box in Azure and set it as default.
-   
-   b. Copy **SP Assertion Consumer Service URL** value from Atlassian, paste it in the **Reply URL (Assertion Consumer Service URL)** box in Azure and set it as default.
+   a. Copy **Service provider entity URL** value from Atlassian, paste it in the **Identifier (Entity ID)** box in Azure and set it as default.
 
-   c. Copy your **Instance URL** value, which you copied at step 4 and paste it in the **Relay State** box in Azure.
-
-   ![Copy URLs](./media/atlassian-cloud-tutorial/values.png)
+   b. Copy **Service provider assertion consumer service URL** value from Atlassian, paste it in the **Reply URL (Assertion Consumer Service URL)** box in Azure and set it as default.
 
-   ![Button](./media/atlassian-cloud-tutorial/edit-button.png)
+   c. Click **Next**.
+   
+   ![Screenshot shows the Service provider images.](./media/atlassian-cloud-tutorial/steps.png "Page")
 
-   ![URLs image](./media/atlassian-cloud-tutorial/image.png)
+   ![Screenshot shows the Service provider Values.](./media/atlassian-cloud-tutorial/provide.png "Provider Values")
 
 1. Your Atlassian Cloud application expects the SAML assertions in a specific format, which requires you to add custom attribute mappings to your SAML token attributes configuration. You can edit the attribute mapping by clicking on **Edit** icon. 
 
@@ -169,20 +163,9 @@ Follow these steps to enable Azure AD SSO in the Azure portal.
 
       ![image 4](./media/atlassian-cloud-tutorial/final-attributes.png)
 
-1. To enforce SAML single sign-on in an authentication policy, perform the following steps.
-
-   a.	From the **Atlassian Admin** Portal, select **Security** tab and click **Authentication policies**.
-
-   b.	Select **Edit** for the policy you want to enforce. 
-
-   c.	In **Settings**, enable the **Enforce single sign-on** to their managed users for the successful SAML redirection. 
-
-   d.	Click **Update**. 
-
-      ![Authentication policies](./media/atlassian-cloud-tutorial/policy.png) 
-
-   > [!NOTE]
-   > The admins can test the SAML configuration by only enabling enforced SSO for a subset of users first on a separate authentication policy, and then enabling the policy for all users if there are no issues.
+1. Click **Stop and save SAML** button.
+   
+   ![Screenshot shows the image of saving configuration.](./media/atlassian-cloud-tutorial/continue.png "Save configuration")
 
 ### Create an Azure AD test user
 
@@ -238,4 +221,4 @@ You can also use Microsoft My Apps to test the application in any mode. When you
 
 ## Next steps
 
-Once you configure Atlassian Cloud you can enforce session control, which protects exfiltration and infiltration of your organization's sensitive data in real time. Session control extends from Conditional Access. [Learn how to enforce session control with Microsoft Defender for Cloud Apps](/cloud-app-security/proxy-deployment-any-app).
+Once you configure Atlassian Cloud you can enforce session control, which protects exfiltration and infiltration of your organization's sensitive data in real time. Session control extends from Conditional Access. [Learn how to enforce session control with Microsoft Defender for Cloud Apps](/cloud-app-security/proxy-deployment-any-app).