We are having issues with customers being prompted when clicking How to links in Jira Service Desk. We setup a Service Desk KB and linked to Confluence. How can credentials be passed through without users being prompted?
Atlassian Team members are employees working across the company in a wide variety of roles.
March 21, 2018 edited
Hi Richard,
Credentials can be passed through by using OAuth with impersonation for your application link between Jira and Confluence, as described in OAuth security for application links:
Atlassian OAuth with impersonation makes it easy for your users to benefit from the deep integrations between Atlasssian applications:
they're automatically authenticated on the other application and don't get asked to authorize requests. they'll only see the information that they have permission to see. Impersonating authentication makes requests on behalf of the user who is currently logged in.
Note that Atlassian OAuth with impersonation can only be used for application links between Atlassian applications. Furthermore, it should only be used when the two applications share the same userbase, typically managed with an external directory using LDAP.
A typical scenario is:
You've set up an application link but your users still have to authenticate regularly. This can occur when the application link has been configured to not share the same userbase. If those applications do share the same userbase, you can update your application link by selecting OAuth (impersonation) when editing the application link. See Update an existing link on this page for instructions.
Another reason they may have to log into Confluence all the time is if the applications are overwriting each other's cookies. Adding a context path or changing the domain will fix this, as will adding the sessionCookieName attribute to the <Context> element in <install>/conf/context.xml. For instructions, please refer to Logging into another Atlassian application logs me out of Confluence.
If you aren't using SSO or something that passes login information between instances, then users will need to log in to Confluence using theirJira Service Desk credentialsto view articles.
So at least the lack of integration when using "Atlassian OAuth with impersonation" has now been acknowledged. Unfortunately, JSDSERVER-1551 is still only "gathering interest" despite the obvious requirement for a service desk customer to be able to read a Knowledge Base article from JSD, without having to login again to Confluence. The Confluence login screen provides no instructions as to what login the customer should use or even why they need to login. It's an extremely poor user experience and looking at our own statistics, in 12 months only ONE customer has figured out how to login to Confluence. ONE. That's fairly damning.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.