If you’ve lived this, I’d love detailed stories. Some conversation starters:
>> What exactly made it hard? (SSO/IdP, user provisioning, domain policies, MFA, VPN, IP allowlists, Atlassian Access, SCIM, contractors, etc.)
>> Is the blocker usually IT, security, compliance, procurement/vendor risk, or the Jira admins themselves?
>> Jira Cloud vs Jira Data Center: which is worse for external collaboration and why?
>> What are the common “policy red lines” that cause a hard no? (least privilege, separation of tenants, auditability, data residency, CUI/ITAR, SOC2, etc.)
>> What workarounds did you end up using instead (shared spreadsheet, shared mailbox, separate “shadow Jira,” Confluence page, etc.) and what broke?
>> If you did make cross-org Jira work, what was the setup that finally passed and how long did it take? If you didn't make it work, what happened?
Context: I’m trying to understand the true root causes and failure modes -- whether this is mostly technical (identity + permissions) or mostly organizational/policy, and what parts are actually solvable.
The harder part in defense/aerospace is data residency and CUI handling. Jira Cloud will never be on the approved list for anything touching export-controlled data, so you're back to Data Center on-prem — and now you're asking a prime contractor to open VPN tunnels to a supplier's DC instance, which their network team will reject outright. The "let's just use email" fallback isn't laziness, it's often the path of least compliance resistance.
What's the typical org size on the contractor side — are these large primes with mature IAM programs or mid-tier suppliers who barely have SSO themselves?