Git Client Authentication in SSO Environment

Today, every development team uses a Repository Manager, such as Bitbucket and GitHub, to manage source code. It is the ideal tool for organizing your local code in Git repositories, controlling access to those repositories, and collaboratively working on code with your team. Many Atlassian tools are used by enterprise users daily like Jira, Confluence, Crowd, etc. And Single Sign On(SSO) is the only feasible option that allows the use of a single pair of credentials to bring a smooth login experience into all the Atlassian applications. (Don’t tell me, do you still have to remember login credentials for all of your apps!? Check out our wide range of SSO solutions now.)

Well, SSO will surely help you login into multiple apps smoothly. But does SSO allow you to authenticate while performing Git operations, such as pull and push from your local Git Client? Yes! 

There are a couple of ways to do this which we will explore below.

Git Authentication using SSH Keys:

Git Authentication using SSH keys is pretty popular nowadays. It uses a pair of private and public cryptographic keys to replace standard username and password authentication. Once the admin has enabled SSH access in the admin settings, users can generate their SSH key and add it to their Bitbucket account.

Though it is popular, there are few points that we need to consider:

• The setup is complex. Admins cannot set it up in one go. 
• Hard to maintain keys if you end up using multiple keys for authentication.
• Every user needs to set up the keys by themselves.

Introducing Enterprise Git Client Login/SSO Add-on!

You can now use miniOrange's Enterprise Git Client and CMD Login/SSO app for Bitbucket to perform Git Authentication. This is the best alternative for SSH keys. It also integrates nicely with Single Sign-On, and you need to make just a few settings to make a login into Git a breeze. You do not have to worry about creating a local password for login, and also, you will not be dealing with complicated SSH key configuration.

Once you have configured the plugin, you can use your OAuth provider or IDP credentials instead of your local Bitbucket account credentials to perform any Git operations. The plugin will be responsible for the user authentication from an OAuth provider, while the Bitbucket server will continue to manage access rights for those users.

If certain users have only a local Bitbucket account, like administrators or developers, do not worry! We got your back. Such users can use their local credentials to login to Git clients. This is supported by our miniOrange Git Authentication app.

The plugin provides support for a few well-known OAuth providers as default applications. It includes AzureAD, ADFS, AWS Cognito, Okta, Keycloak, OneLogin, etc.  If you are using a provider which is not mentioned here, you can raise a ticket or reach out to us at info@xecurify.com, and we will be happy to help you.

Start your trial for the Enterprise Git Client SSO/Login plugin now!