You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
I have a complex problem I wonder if anyone could help me solve.
@Sean Wood the answer to your question is yes. Your client could verify their domain, subscribe to only Atlassian Access, and enforce mandatory 2FA for users. We are also working on a 2FA capability that can be enforced on users you don't manage https://www.atlassian.com/wac/roadmap/cloud/external-user-security-eap?search=external&p=b8d50209-93
In general, Atlassian Access is for customers to use his/her own IDP to control users management against Atlassian's products. So, it is my opinion that you cannot use it if you don't use any Atlassian products.
Secondly, accessing your Jira Cloud env requires user licenses. Therefore your clients will need to be licensed. Have you thought of setting up your clients with as your domain's users? Are you using Atlassian Access now to enforce 2FA against your env?
Best, Joseph Chung Yin
Jira/JSM Functional Lead, Global Infrastructure Applications Team
Really appreciate you replying to my question. Thank you.
We could provide our clients and vendors with an email address so they could use this. It is one option.
We do not have 2FA forced via Atlassian but we have 2FA turned on Via SSO. The client does not have any SSO provider.
As an alternative we are thinking of upgrading to Jira Premium and whitelisting IP's as the client uses VPN Exclusively.
Thanks again for the information and input.