Hello,
We have a need to use automated accounts which interact with our Jira instance (Jira 9.12 DC) via the front-end UI. Due to various factors, we're not able to authenticate these accounts using our SSO provider via SAML.
We're investigating the use of the SAML bypass URL for these types of use cases; however, we're wondering if there is a way to restrict the use of the SAML bypass URLs to specific groups only.
We'd like to require normal users to go through the SSO/SAML process, but allow approved accounts used by automations to use the SAML bypass login process.
Are there any configuration options or plugins that can enforce such restrictions to the SAML bypass URLs?
I'm not sure if the Atlassian SSO allows you to restrict SAML bypass URLs to specific groups. If you are considering a third-party add-on, I would like to suggest trying out the miniOrange Jira SAML SSO plugin.
With the help of this plugin, you can Restrict the Backdoor URL to certain groups in the application.
When you enable this option, you’ll be asked to enter the groups to whom backdoor access should be provided. Now, when a user tries to access the backdoor URL, he’ll be asked for his username first and if that username belongs to the configured group, only then will he be able to use the login page.
Let me know if you would like to have a demo of this. You can raise a ticket via link and I'll make sure that a miniOrange representative gets back to you.
P.S. - I work for miniOrange, one of the top security vendors on the Atlassian Marketplace.
Thanks,
Aditya