Can we limit the groups in jira that are defined in crowd?

jameshartleroad April 17, 2015

In our crowd instance we have groups for jira, fisheye, confluence administration and use.   They are all available in the JIRA group picker even when we set the Allow all to authenticate to false and specify which groups can authenticate in JIRA.

Other then creating a separate directory in crowd for each application, is there a setting that can be used so only the groups that can be used to authenticate through crowd are brought into JIRA?  Or just to be able to select which groups are brought into JIRA?

For example we have confluence-admin as a group to control who can administer confluence, I don't need the confluence-admin group to show up in a group picker for a JIRA issue.

1 answer

0 votes
Rodrigo Girardi Adami
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
April 17, 2015

Hi James,

I believe that just creating different user directories for each application will give you these results. I say that because you need to make Crowd filter the groups and users which will appear to the application.

JIRA / Confluence and any other tool that connects to Crowd will retrieve all information that Crowd sends to it. This means that if the directory configured in Crowd contains the JIRA admin group and Confluence admin group, these will appear in Confluence and JIRA, unless you create two different directories and call them JIRA directory / Confluence Directory and configure them with these apps separately.

There might be alternatives that I don't know, so let's keep this question open for others to participate.

Cheers,

Rodrigo 

jameshartleroad April 17, 2015

The reason I was looking for a solution other than creating a director per app is that if I have to do that then I don't see any point in using crowd. i.e. I might as well have a user store in each application if I have to have a directory for each application.... The solution I'm looking for would probably have to be on JIRA to either limit what groups are brought in from crowd or the ability to control what groups are displayed in the group lists.

Suggest an answer

Log in or Sign up to answer