Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

2FA / MFA

Christian Purnomo
Christian Purnomo February 22, 2022

Hi All

We currently have a cloud Hosted Jira / Confluence that we wish to enforce to use MFA/2FA.

The situation is that our Jira and Confluence have a mixed between internal and external users.
Internal users are from within our Active Directory / Azure Active Directory and Externals are outside our AD domain.

IDEALLY we would prefer to leverage our existing Azure AD with MFA built in. This is going to work for our Internal users but how about our external users MFA?

Is it possible to have Jira / Confluence to have mix MFA policies, ie internal users to use Azure AD and external users to use Google Authenticator?

Thanks!

Answer
Watch
Like Be the first to like this
1684 views

1 answer

1 accepted

0 votes
Answer accepted
Pramodh M
Pramodh M
Community Champion
February 22, 2022

Hi @Christian Purnomo 

Welcome to the Community!!

You need to claim domains of accounts if you need to enforce the 2FA option.

Here I guess you can only claim your internal accounts and not the external ones

Only one SSO is supported when you set up configuration with Atlassian Access and only claimed accounts follow the SSO Login and has the authentication policies

Please have a trial of Atlassian Access and explore o available options here

https://admin.atlassian.com/atlassian-access

Let me know if you have any queries

Thanks

View More Comments
Christian Purnomo
Christian Purnomo February 22, 2022

Thanks @Pramodh M 

Yes you are right, we won't have any issue with claiming our internal domains.

> Only one SSO is supported when you set up configuration with Atlassian Access and only claimed accounts follow the SSO Login and has the authentication policies


Would you be able to verify?:
- Only one SSO is ok, we are only after SSO for our internal users. I am assuming our internal users will be enforced with MFA via Azure AD.
- Our external users dont't need SSO - we would only like to enforce them to use Google Authenticator. Is this a possible mix with the SSO above for internal users?

Thank you

Like
Pramodh M
Pramodh M
Community Champion
February 22, 2022

For external users, you won't be able to set the Google authenticator as only one SSO is supported, you will not be able to set up another one.

Rest assured for internal users, it will work as your requirement

Here's a guide 

https://community.atlassian.com/t5/Atlassian-Access-articles/How-To-Atlassian-Access-Enable-amp-Disable-Two-Factor/ba-p/1944420

Like Christian Purnomo likes this
Christian Purnomo
Christian Purnomo February 22, 2022

@Pramodh M  ok thanks.

Getting MFA for ALL USERS (internal & external) is MANDATORY.  


I guess our only option is NOT to use SSO and stick with one of the available MFA (Ie Google Authenticator / Duo / etc).

Like Pramodh M likes this
Pramodh M
Pramodh M
Community Champion
February 22, 2022

The issue you don't have an option to enforce it from Atlassian side.

When you use G Suite, you can offcourse restrict the user to have 2FA for Google account

Please mark the answer as accepted 🙂

Like Christian Purnomo likes this
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security