We have both JIRA Cloud and BitBucket Cloud Premium and they are all nicely linked together. Any time we use a web browser to log in to our bitbucket site, it requires us to enter an Atlassian 2FA code, followed by a BitBucket 2FA code. These are separate codes that appear in our authentication apps on our phones.
I do have 2FA enabled on the bitbucket workspace as well as for JIRA/Atlassian in general. But having to enter 2 of them is overkill.
Is this behavior intended in terms of the Atlassian products? What can I do to alleviate this problem? I just want users to enter one 2FA code if they access JIRA or bitbucket, and then have access to the whole thing.
Please allow me to provide some context on this:
Right now authentication for JIRA Cloud and Bitbucket Cloud happens via the same Atlassian account (the one for https://id.atlassian.com/).
A few years back, this was not the case. A JIRA Cloud account and a Bitbucket Cloud account with the same email were separate, each of them had its own credentials and logging in to one product wouldn't automatically log you in to the other one.
A few years back we introduced Atlassian accounts to provide single login with the same email to customers using different Atlassian Cloud products. As a result of this change, if you have 2FA enabled for both the Atlassian account and the Bitbucket Cloud account with the same email, you'll need to enter a 2FA code twice.
I understand that this can be less than ideal and we have a feature request to unify these (please feel free to add your vote and any feedback in that request):
If all your Bitbucket users have an email from a company domain that you manage with Atlassian Access, you can enforce 2FA on the organization level:
and disable the similar feature in Bitbucket Cloud ("Require two-step verification" setting).
Afterwards, users can disable 2FA for their Bitbucket account and they'll only need to enter one 2FA code for the Atlassian account.
I would like to mention once more that the important thing here is that all Bitbucket users have an account with an email from your managed domain. If you have or invite to your company workspace a Bitbucket user with an email other than your managed emails, that user will be able to access the content of the workspace without having 2FA enabled (after you disable "Require two-step verification" in Bitbucket).
I hope this helps, please feel free to let me know if you have any questions.
Hey Community! We’re willing to wager that quite a few of you not only use Bitbucket, but administer it too. Our team is excited to share that we’ll be releasing improvements throughout this month of...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events