Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,458,120
Community Members
 
Community Events
176
Community Groups

What's the correct way to use Groups for Crowd using SSO?

I've been playing a bit with Crowd integration with JIRA and Confluence and using SSO. I have a single user base (just employees of my company). I want to use Single sign on between JIRA and Confluence.

I have JIRA 4.2.3, Confluence 3.4.9 and Crowd 2.3.3

Two questions:

  1. How many user directories should I have in Crowd? One directory for all employees, or one for each of JIRA and Confluence (where each employee has an account in both)?
    I assume it's one directory (Single Sign On doesn't appear to work when I add my users to both a JIRA and Confluence directory)
  2. Assuming I should go with one directory, how should I do groups? I have Confluence groups that I don't want to show up in JIRA, and I have JIRA groups that I don't want to show up in Confluence. But when I have a single directory, and I add a Confluence group to a user, that group also appears in JIRA for that user. And vice versa.

Any tips on how this should be set up?

1 answer

1 accepted

0 votes
Answer accepted

Use one directory and use groups in the applications to control athentication into the applications. Yes you will see all the groups from the directories in each application but those groups don't need to have 'use' permissions to those applications.

Oh and I guess, the group assignments etc.. really have nothing to do with SSO. You can't have some users supporting SSO and others not (that I'm aware of anyway)

Thanks for the confirmation. SSO only plays in because then I can't use different directories for different applications. If I wasn't using SSO, I could create a directory for each app, with identical user names in each, and keep the groups separate.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events