Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Deleted user
Level
0 / 0 points
Next:
badges earned

Your Points Tracker
Challenges
Leaderboard
  • Global
  • Feed

Badge for your thoughts?

You're enrolled in our new beta rewards program. Join our group to get the inside scoop and share your feedback.

Join group
Recognition
Give the gift of kudos
You have 0 kudos available to give
Who do you want to recognize?
Why do you want to recognize them?
Kudos
Great job appreciating your peers!
Check back soon to give more kudos.

Past Kudos Given
No kudos given
You haven't given any kudos yet. Share the love above and you'll see it here.

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How to authenticate into Jira, Confluence, and Bitbucket with your AWS Application Load Balancer

Problem statement

Most Atlassian Data Center installations are hosted on AWS. That gives the option to enable the Amazon’s Application Load Balancers (ALBs) you're already using for distributing traffic among nodes to also handle authentication.

There are mainly 2 advantages to this approach.

  • First, it shields the Atlassian product from all unauthenticated traffic, offering an additional layer of security and making DDoS attacks and similar threats impossible.

  • Secondly, it offloads the authentication away from your instance, increasing performance even when thousands of users are logging in at the same time in peak hours.

Unfortunately, there are also several nuisances setting this up out of the box.

  • Users must authenticate twice. Once, via the IdP when the request is intercepted by the AWS ALB. A second time, when the user actually reaches the Atlassian application. This can be particularly upsetting, as users need to remember to use their IdP password up front, followed by their local password.

  • If you use SSO, you must setup and maintain the two configurations. SSO gets rid of the second authentication event for the user. However, it also increases complexity and makes debugging of failed authentication attempts significantly more difficult. You want to keep your application architecture as simple as possible.

Solution: Setting up seamless authentication with AWS ALB into Atlassian products

AWS_Infographic_AWS_Infographic_Blog_1.png

At resolution, we have published AWS ALB and Amazon Cognito Authentication, an app that creates a seamless authentication flow between the ALB, the IdP, and the Atlassian application.

AWS_Logo_80x80px-13-13.png

  • The app takes information from the OIDC tokens and token claims during the authentication exchange between the ALB and the IdP, then uses that information to log in the user into the Atlassian app.
  • Users are automatically logged into Jira, Confluence or Bitbucket once they authenticate through the IdP.

Prerequisites

  • Atlassian applications hosted in AWS

  • An active Application Load Balancer (ALB)

  • An OIDC-compliant identity provider, such as Okta, Azure AD, or GSuite. Alternatively, you can use SAML-compliant IdPs combined with Amazon Cognito user pools

Steps

  1. Install AWS ALB and Amazon Cognito Authentication for Jira, Confluence, or Bitbucket (coming soon)

  2. Configure your IdP and your AWS ALB. Here you have the complete setup with Azure AD, but do let us know if you need help setting up any other IdPs.

  3. From within the AWS ALB Authentication app configuration in your Atlassian application, select the preset for your IdP and follow the steps of the documentation.

image-20210329-092819(1).png

Save the configuration. If you run into any issues, get in touch with our support team and we’ll gladly help you set it up!

0 comments

Comment

Log in or Sign up to comment
TAGS
Community showcase
Published in Marketplace Apps & Integrations

New Cloud Apps Roundup - April 2021

Atlassian's marketplace partners have had a very productive start to 2021! Since our last roundup, our developer community has added over 160 new cloud apps to the Atlassian Marketplace to help you...

307 views 3 20
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you