The Crowd team is looking for feedback on Server & Data Center customers' identity strategies!

Do you own more than one Server or Data Center product? Do you have challenges provisioning users across your Atlassian products? Are you spending a lot of time integrating each Atlassian product with multiple identity solutions in your organization? If you answered yes to any of those questions, you'll want to continue reading and share your thoughts and feedback!

Spend less time managing user identity

We know each of you use some form of identity management to handle user authentication across all of your Atlassian instances today. Whether it's the built-in identity features available in each product, third party marketplace identity apps or internal solutions you've built to manage your Atlassian users and groups - each of these options can present challenges.

If you're using the built-in identity features within the Atlassian products, you're likely spending a lot of time and effort upgrading each of them, as you may not have access to the same identity features across the Atlassian suite until you have upgraded each product. On top of this, these built-in identity features can sometimes place significant load on a product (i.e. Jira Software) causing it to waste resources running user management tasks rather than what it should be focused on (i.e. issue search and issue creation). 

For those using single sign-on (SSO), multi-factor authentication (MFA), or other authentication options provided by a third party, you don't have a single location to integrate with all of your Atlassian products. Instead, you have to configure your identity solution with each Atlassian product you own - potentially exposing yourself to compatibility and upgrade problems in the future.

We understand you need a better way to easily integrate each of your Atlassian Server and Data Center products with your existing identity infrastructure - all while meeting your security and compliance needs. Atlassian Crowd is the solution that meets your identity needs and addresses some of these challenges you are experiencing today.

Centralize identity for Atlassian Server and Data Center products

Today, Crowd allows you to centralize identity for all of your Atlassian Server and Data Center products. Instead of having to manage users in each product separately, you can shift this to Crowd, allowing your other Atlassian products to focus their operations and capacity on their intended purposes. Crowd can easily be used as an integration point between Atlassian Server or Data Center products and your current user directory infrastructure. It also integrates with many different directory types such as Microsoft Active Directory, Open LDAP, Generic LDAP and Microsoft Azure Active Directory.

As most of you probably know, Crowd can also stand as a user directory for Atlassian self-hosted products if needed, and eliminates the need to reach out to your IT team every time you want to modify your users' permissions. With Crowd, you can manage users from multiple directories and control application authentication permissions in one single location. It's built-in audit log allows you to track configuration changes - giving you an additional layer of security. Use Crowd's single sign-on for integrated applications or its REST API to centralize authentication for non-Atlassian applications.

Crowd is also available as a Data Center product providing high availability through active-active clustering so your users will have uninterrupted access to all systems connected to it with zero interruption to their work.

The future of Atlassian's identity management

While Crowd solves many of your identity problems today, we realize there are still challenges with using it as your primary identity management solution. As a team, we're focused on bringing Crowd to the next level so that it can serve as the primary solution that integrates your Atlassian products with your existing identity infrastructure - whatever that may be. Going forward, the identity investments for our Server and Data Center products will be primarily focused on Crowd rather than in individual capabilities within each product.

Crowd will be the single location where you can easily integrate the Atlassian suite with third-party identity systems - including SAML based systems. We will improve Crowd's single sign-on (SSO) experience and your users will be able to log in to all Atlassian applications using a single login page that's easily customizable. This solution will be first available across Jira, Confluence, Bitbucket & Service Desk.

By using Crowd to centralize your identity management across your Atlassian Server & Data Center products you will have instant access to the newest authentication options and user directory connections provided by Atlassian and third party vendors, without needing to upgrade and configure each product separately. All you will have to do is update Crowd to have these features reflected across all of your Atlassian products.

We'd love your feedback!

We'd love for you to join us in this journey as we continue to improve the integration between your identity infrastructure and Atlassian products. We'd love to hear what you think so please comment with your questions, comments and feedback to join the discussion. 

6 comments

Christian Reichert (resolution)
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 28, 2018

Hi Team,

great initiative - I work for a Marketplace Vendor and we have a variety of authentication plugins in the Marketplace.

I personally think having a good solid base product and a vibrant marketplace is a great combination to address the very varied challenges from our customers.

Hence top of my wish list would be to invest some time and effort into getting the API's (stability, documentation, ease of use) en par with the rest of the Atlassian Products. Also open the Atlassian Marketplace up to Crowd Plugins, so that they can be easily made accessible, distributed and monetised in some cases.

This would allow a whole raft of Marketplace Vendors to start developing extensions to Crowd, so that you can focus on a core featureset that benefits most customers.

On another note I also head comments from Partners & End-Users that they are unsure if you see a future for Crowd. So a clear statement & roadmap (which this is probably the kick-off for) would also go a long Way.

Feel free to reach out to me if you like more details on the above thoughts.


Cheers,
  Christian

Steffen Opel _Utoolity_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
February 28, 2018

Great initiative! We (Utoolity) would love to add Crowd to the products supported by Identity Federation for AWS (currently available for Jira, Confluence and Bamboo, and soon for Bitbucket). In fact, we initially envisioned to first and primarily support Crowd for the very reasons you emphasized, especially to 'be the single location where you can easily integrate the Atlassian suite with third-party identity systems' (AWS' Identity and Access Management (IAM) in our case).

However, Crowd still lacks a few features to allow for professionally supported apps by Marketplace vendors - here are the three missing ones that would enable us to offer our app for Crowd as well:

  1. Support for the Universal Plugin Manager (UPM) to ease app and license management
  2. Support for your Paid via Atlassian payment model in the Marketplace
    • While Identity Federation for AWS is free for licensees of our other AWS integrations, it considerably eases AWS credentials management for administrators as a standalone app already and we have customers who prefer this lower priced option.
  3. Support for your Active Objects database abstraction layer so that we can continue maintaining the identical core app across all your products.

Once Crowd support would be available, we would for example be able to add Amazon Cognito User Pools as an additional 'authentication and user directory connection' which would be particularly useful for the centralized identity management across Atlassian Server & Data Center products that you envision here.

We'd be more than happy to collaborate on this, just let me know if you would like to discuss this further.

Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
February 28, 2018

Hello Crowd Team,

Great initiative indeed! I work for a Marketplace vendor too and we care about Crowd's future as we already develop add-ons for this product or for other products that integrate with Crowd.

I think you guys made a great job with Crowd Data Center as native clustering was a very popular request among Crowd customers. I attended Atlassian Team Tour in Paris a couple of weeks ago and I could see that new cool features are coming to Crowd in the next few months (for example administration delegation) so it seems to me that you're keeping up the good work and I'm glad about that.

I don't have much complain about Crowd's documentation and APIs (though UPM would definitely be a plus). What I would like to see in the future is a a consistent roadmap on the implementation of new (requested) features. Some of them are marked as very urgent and never implemented while others have a low-level priority and finally get implemented. In the end, it's a bit hard to see what's really coming or not, which can be a major issue for add-ons vendors like us.

Please feel free to contact me if you want to discuss this further.

Marcin Kempa
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 2, 2018

Thank you @Christian Reichert (resolution)@Steffen Opel _Utoolity_ and @Bruno Vincent for those kind comments!

 

The requests for adding support for UPM, Active Objects, more robust REST API and better documentation resonate with what we are thinking about in terms of improving Crowd's ecosystem support.

We understand that those are the crucial parts that would help to build more integrations and increase the adoption of apps among customers while making the life of vendors easier.

At the moment our main efforts are related to improving features in Crowd like audit log and implementing new ones such as delegated group administration. However, since the ecosystem is important for us, we are also dedicating part of our work into tasks that, in our opinion, would improve vendors support.

Regarding our roadmap and plans for feature requests, we are striving to be as transparent as we can be, thus this post on the community, but points have been taken that still some improvements can be made here.

 

Best Regards,
Marcin Kempa
Crowd Team

Craig Castle-Mead
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
March 2, 2018

Always happy to help. As a customer on the bigger, but definitely more complex end of the scale, Crowd has been instrumental in providing the flexibility but control we’ve needed. As with all products, there’s always room for improvement and being able to discuss this with the product teams is a great benefit of working with Atlassian products. 

Have spoken with @Marcin Kempa and the Crowd team on numerous occasions and have seen improvements directly based on feedback. 

 

CCM

Deleted user April 19, 2018

We are evaluating Crowd for the user management of several JIRA and Confluence instances on different servers, with specific groups to allow role-based permissions. Most of our users are in the company wide Active Directory that is connected to Crowd.

What I miss in the configuration stage are mostly bulk functions:

  • show all members of a group and export the list to some readable format
  • select users through some kind of filter and assign a group to them
  • rename a group
  • import group names with the possibility to add a prefix to their names (to mark their origin) e.g. import groups from Server1 renaming groupX to Server1_groupX
  • map a Crowd group name to an application group name (e.g. all members of Server1-confluence-admins are members of confluence-administrators when they login to Server1)
  • an easy way to migrate from local user management to Crowd user management:
    • find all users in a local Server1 user directory matching a user in the Active Directory and make them members in a selected group

The wishlist is still growing while I am trying to mirror the existing servers' user configurations to Crowd.

Comment

Log in or Sign up to comment
TAGS
AUG Leaders

Atlassian Community Events