Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,458,134
Community Members
 
Community Events
176
Community Groups

Forcing 2FA, instance access and user management

Hi all,

I have a complex problem I wonder if anyone could help me solve.

 

  1. We run an instance of Jira Cloud
  2. We have built an application that is directly connected to Jira and uses Jira as the user management system
  3. We have our client and 3 vendors needing to log into our Jira instance
  4. Some Users and Vendors need to access jira. Others Just need access to our Application

The issue:

  • We would like to be able to Force 2FA for our Client and Vendor users - but as we don't own their Domains we cannot do this ourselves

The Ask:

  • Is it possible for our client to set up their own Atlassian Access instance and not pay for any other service but Atlassian Access and force their own users to turn on 2FA - And at the same time have them access our Cloud instance of Jira?

Cheers,

Sean.

 

2 answers

1 accepted

1 vote
Answer accepted
Dave Meyer Atlassian Team Dec 21, 2022

@Sean Wood the answer to your question is yes. Your client could verify their domain, subscribe to only Atlassian Access, and enforce mandatory 2FA for users. We are also working on a 2FA capability that can be enforced on users you don't manage https://www.atlassian.com/wac/roadmap/cloud/external-user-security-eap?search=external&p=b8d50209-93

@Dave MeyerThank you for this. Great news. I also found this which I have applied for:

https://jira.atlassian.com/browse/ACCESS-102

 

Cheers,

Sean.

Like Steffen Opel _Utoolity_ likes this
0 votes

@Sean Wood 

Hi Sean:

In general, Atlassian Access is for customers to use his/her own IDP to control users management against Atlassian's products.  So, it is my opinion that you cannot use it if you don't use any Atlassian products.

Secondly, accessing your Jira Cloud env requires user licenses.  Therefore your clients will need to be licensed.  Have you thought of setting up your clients with as your domain's users? Are you using Atlassian Access now to enforce 2FA against your env?

Best, Joseph Chung Yin

Jira/JSM Functional Lead, Global Infrastructure Applications Team

Viasat Inc.

Hi Joseph,

Really appreciate you replying to my question. Thank you.

We could provide our clients and vendors with an email address so they could use this. It is one option.

We do not have 2FA forced via Atlassian but we have 2FA turned on Via SSO. The client does not have any SSO provider.

 

As an alternative we are thinking of upgrading to Jira Premium and whitelisting IP's as the client uses VPN Exclusively.

 

Thanks again for the information and input.

Cheers,

Sean.

@Sean Wood -

Great.  If my suggestion helped you, please click on Accept answer when you have a chance.

Best, Joseph

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS

Atlassian Community Events