Stack: Atlassian stack
Okta disaster recovery for the Atlassian stack
The Atlassian stack — Jira, Confluence, Bitbucket, Jira Service Management — typically federates through a single Okta-side Atlassian Cloud app. A single bad change to that app, its SCIM connection, or the group rules feeding it can block engineering across the entire stack simultaneously.
Butterfly captures versioned snapshots of the Okta configuration governing the Atlassian stack — the Atlassian Cloud SAML / OIDC app, the SCIM feed, assigned groups, sign-on policies, and Workflows automations. Restore preview shows the diff before any revert.
What you get
How Butterfly fits Atlassian stack
Atlassian Cloud SSO app is versioned
Every backup captures the Okta-side Atlassian Cloud app integration — SAML signing certificate, attribute mapping, assigned groups, and sign-on policy. This single app gates Jira, Confluence, Bitbucket, and Jira Service Management.
SCIM provisioning into the Atlassian organization is versioned
The Okta-to-Atlassian SCIM connection is captured per snapshot. Product-access grants (Jira Software, Confluence, Bitbucket, JSM) are versioned.
Group rules drive Atlassian product access
Group rules are how most teams scale who-can-access-which-Atlassian-product. Butterfly versions every rule.
What goes wrong
Three incidents you have already seen variations of
Sign-on policy change blocks engineering across Jira and Bitbucket
A device-trust tightening caught the engineering group. The team lost access to Jira AND Bitbucket simultaneously mid-sprint. Restore preview surfaces the policy diff.
SCIM-driven product-access change strips Confluence rights
A SCIM attribute mapping change moved a population to an Atlassian license tier that did not include Confluence. Documentation work halted. Restore preview surfaces the mapping diff.
Group rule cleanup drops customer-success agents from JSM
A directory cleanup removed a group rule feeding the CS-jsm-agents group. Service tickets piled up.
Honest scope
What Butterfly captures — and what it does not
In scope
The Okta-side configuration governing the Atlassian stack: the Atlassian Cloud SAML / OIDC app integration, attribute mappings, SCIM provisioning configuration, assigned users and groups, group rules driving Atlassian product access, sign-on policies, and Workflows automations.
Out of scope
We do not back up Jira tickets, Confluence pages, Bitbucket repositories, JSM service tickets, or any Atlassian-side state. Atlassian-side backup is owned by Atlassian's own export tooling.
Plans
Free, Standard, or Business
Free
$0 / forever
- 1 Okta connection
- 7-day retention
- 1 total backup
- No credit card
Standard
$1 / user / month — $99 minimum
- 2 Okta connections
- 90-day retention
- Restore preview + dry-run
- Audit Pack PDF (framework-filterable)
Business
$2 / user / month — $299 minimum
- Unlimited Okta connections
- Unlimited retention
- Continuity (warm standby)
- Priority restore support
Pricing reference: /upgrade. Provider coverage today: Okta, Okta Workflows, Auth0.
Regulatory shape
Compliance and audit angle
SOC 2 CC6 (logical access) and ISO 27001 A.5.16 (identity management) apply most directly to engineering-tooling identity continuity. HIPAA 164.312 applies to JSM deployments handling regulated requests.
Butterfly's own SOC 2 Type II work is in progress; current status lives in the Trust Center.
Frequently asked
FAQ
Does Butterfly back up Atlassian product data?
No. Butterfly backs up the Okta configuration governing the Atlassian stack. Atlassian-side data backup is owned by Atlassian's own tooling.
Can we restore a single SCIM mapping?
Yes. Restore preview lets you pick the scope before committing.
Does this cover Bitbucket Cloud as well?
Yes. Any Atlassian Cloud product gated by the same Okta-side SSO app is in scope.
Recover your Okta org in minutes, not hours
Talk to Mick (the founder) for a 30-minute demo, or start the free trial. No credit card for the free tier.
More stacks
Okta DR for other stacks
Trust posture, subprocessors, and security details: Trust Center.