Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Mandatory SSO login for specific user groups

Jakob KN
Jakob KN
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 15, 2023

Hi Community, 

We're about to test out Crowd for our Jira and Confluence instances, to assess whether or not we should be implementing this for user management. 

I know it's possible to enable SSO and disable basic authentication for logins, but I'd like to know if it is possible to disable basic authentication for specific groups. 

For example, we'll allow basic authentication for certain integration/service accounts where the 3rd party system can't use access tokens, but regular users have to use SSO and will not be allowed to log in with basic authentication. 

Is this possible?

(We're on Data Center versions of both Jira and Confluence)

Answer
Watch
Like Be the first to like this
583 views

1 answer

0 votes
Craig Castle-Mead
Craig Castle-Mead
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 15, 2023

Hi @Jakob KN 

I'm not sure if you can really achieve what you're after, but the way I'd approach it (in testing, on a non-prod environment </disclaimer> )

  1. Setup a Crowd directory with two applications linked to it (one you use for SAML, one you use for "traditional" Crowd auth)  use the "Groups that can authenticate" option to limit which set of users could authenticate to each type of app, setup your Jira/Confluence User Directories pointing to Crowd
  2. Then setup https://jira.company.com/plugins/servlet/authentication-config to give you SAML auth, one issue we had with this type of approach (in testing):
    1. This would give your users a choice of which directory they needed to login via, and may be confusing

CCM

Reply

Suggest an answer

Log in or Sign up to answer
Crowd
Crowd
TAGS
AUG Leaders

Atlassian Community Events

    See all events