Does confluence support two factor authentication (2FA)? (Jan 2017)

Does anybody know the story with confluence cloud login security? Is two factor authentication (2FA) natively supported yet? Otherwise any other more sophisticated login process than username/password? If not, does anybody know what the timeline is? When we first signed up for confluence years ago 2FA was listed as a "coming soon" feature... As far as I can tell (as of Jan 2017) it only seems to be possible through third party applications, so still unsupported natively, despite Confluence being the kind of high risk repository you would typically want well protected.

Hope I have this wrong and someone can educate me! Thanks.


4 answers

This should be possible now, as SAML support has recently been introduced to Confluence Cloud

Two Factor Authentication can then be supported by using a third-party identity provider - e.g. Google, Azure Active Directory, Okta, etc.

I suppose it depends on what you mean by 2FA

Personal Username and Personal Password are two factors for granting access.

Presumably you want more?

What specifically do you want?:
Secret question? (mother's maiden name, name of first dog ...)
Physical key? (swipe card, USB FOB)
... ??

Ideally, something like the google authenticator system such as Bitbucket already uses.

Hi Rodney,

Steven is referring to the standard 2fa concept of "something you know" and "something you have", so along with your username and password (things you know), you also need a phone to which a passcode will be texted when you try to login (something you have).

As I mentioned above, currently this functionality is not natively available in Confluence, although there are 3rd party solutions as Steven and James have said.

Hi Steven,

You might find the comments from Atlassian on this ticket of interest:

Atlassian are moving to a "managed account" system as a first step towards doing other things, including - I believe - 2fa.  You may also want to watch/vote for this ticket as a lot of Confluence users also have JIRA and run their user management through JIRA.  If you do that then this ticket is of direct interest to you.

Hi Steven,

you can use the 2-factor-authentication add-on for Confluence by SecSign Inc:

Rather than using usb tokens you use your smartphone as the second token.

You will find more information about the confluence add-on and the login procedure at


Besides the confluence add-on SecSign provides 2FA add-ons for JIRA and Crowd as well:

SecSign 2FA add-on for Crowd

SecSign 2FA add-on for JIRA

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Kesha Thillainayagam
Posted Friday in Confluence

We want to hear how your non-technical teams are using Confluence!

Hi Community! Kesha (kay-sha) from the Confluence marketing team here! Can you share stories with us on how your non-technical (think Marketing, Sales, HR, legal, etc.) teams are using Confluen...

301 views 11 10
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you