We are excited to announce the general availability (GA) of single sign-on (SSO) step-up verification for external users. It is now available within the external user security feature to all customers with a subscription to Atlassian Guard. Learn more about Atlassian Guard.
External user security enables you to apply security controls to users who collaborate with your company but who you don’t manage in your Atlassian organization such as contractors or collaborators from other companies. In admin hub, you can set a variety of controls for external users including:
Enforce two-step verification: An extra security step is enforced when external users try to access your organization’s Atlassian products.
Single sign-on (SSO) verification (NEW): Use SSO as the two-step verification method. External users are required to verify their identity against a specified connected identity provider via SSO.
Email one-time passcode verification: Use email-OTP as the two-step verification method. External users are required to verify their identity by entering a temporary one-time password sent to their email address.
Session duration: Specify how long sessions last for external users and how often they need to re-verify. Set session durations between every 15 minutes to every 30 days.
API token access: When you block API token access for external users, they are unable to use API tokens to access the products through product APIs. Learn more about API tokens.
Before rolling these external user controls to all users, you can test various settings using the test policy with up to five users. You can find a video demonstration of the external user security SSO two-step verification here.
With the addition of this feature we are giving customers the ability to enforce the same level of security across both their managed and external users. For more details on how to setup SSO verification for external users and the Atlassian Guard billing implications of the feature please review these sources:
The GA experience has just started rolling out so you can expect to see this feature in Atlassian Administration (admin.atlassian.com) within the next two weeks.
In response to customer feedback, we are also investigating multiple external user policies enforcement as a future capability for the external user security feature.
If you previously used external user security during the early access program, thank you for being a part of bringing this feature to life! And if you’re new to external user security, we hope you find it valuable to securely collaborate with your external teammates. Learn more about the feature in our support documentation.
Have questions or feedback? Please leave a comment below.
David Olive
4 comments