Use Crowd for SSO only, not authentication

We are running Jira, Confluence, Bamboo, Stash and Crucible in our environment.  We would like to enable SSO for the applications.  We purchased Crowd but it's not working as I expected (maybe I'm missing something).  I have all the applications setup with their own directories.  It appears that when I add the applications and import the users, I cannot add a user in Directory A to Directory B?  I have to manually add the users for each directory.  That is a lot more work then adding the user directly into the application itself.  My question is can I setup a main directory in crowd that would handle just the SSO, not the authentication for each application?

3 answers

Hi Wesley, I think I didn't understand what you mean by add a user in Directory A to Directory B. Would you mind give a bit more details about the steps you're following? Cheers

Sorry for the lack of info, new to the Atlassian products. I have Crowd setup as follows: Directories: I have a directory for each app; Jira, Confluence, Bamboo, Stash etc Groups: Each directory has one or more groups, Jira Admin, Jira User etc. What I'm having an issue with is that when I add a new user I have to set them to one Directory, go back and then assign them to a Group under that directory. I'm not able to find a way to add a user and assign them to multiple Groups which is time consuming as I'll need to re-enter the user info in Crowd for each application. I was hoping there is a way to just use Crowd for SSO and not authentication via the apps. We only have about 60 users and add one or two a month so entering them in the individual apps is faster then entering them into Crowd. Unless I'm missing something I'm not really seeing the benifit of having the user authenticate via Crowd since I have to enter them into each individual Directory then take the additional steps of assigning them to a group (most all of the apps assign them to the user group at least).

0 votes

I'm not entirely sure by what you mean by "for SSO only, not authentication", but it sounds like you may be after a shared userbase between JIRA, Confluence, etc? If so:

Rather than have a directory per application, it's more common to have a single directory shared by each application configured in Crowd. That means that you only need to add users to a directory once and then that definition will be shared across applications, though you will still need to add them to the necessary groups for that one directory (since Crowd doesn't know which groups are meaningful for the connected applications).

Does that answer your question? If not, please comment and I (or Tiago) will do my best to clarify.

Suggest an answer

Log in or Sign up to answer
Community showcase
Asked Thursday in Jira Ops

I'm John Allspaw, Ask Me Anything about incident analysis and postmortems

I'm John Allspaw, co-founder of   Adaptive Capacity Labs, where we help teams use their incidents to learn and improve. We bring research-driven methods and approaches to drive effective inciden...

3,100 views 8 7
View question

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you