Following a support ticket I have raised with Atlassian, I'm interested to see others opinions/awareness of the mobile apps, specifically for users external to their organisation. We have been looking into the feasibility of allowing users to access the apps for our Jira Cloud instances.
One of the most important aspects for us was that the app should only be accessible for organisational users. We use SSO for authentication so we know that someone within the organisation would not be able to use the app on a personal device. Therefore we use the following administration tools:
- External User Security (EUS) policy
- IP allowlists
- Mobile app policy
The problem we have discovered is when it comes to external users. Atlassian documentation appears to point to being able to block this type of access. Except they have recently changed this but have not updated their documentation nor administration pages. If you have an EUS policy, then by default this would block the app but this no longer happens, as my open ticket with support has confirmed. Then if you also use IP allowlists and a mobile app policy, for the app to be functional, you have to enable an option to override the allowlist for the mobile app.
This effectively means if we want to allow access to our sites via the mobile app, we would have to allow all users irrespective of if they are within the organisation or classed as an external user.
Has anyone else come to this roadblock when it comes to using the mobile app?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.