Community
Products
Atlassian Guard
Questions
2FA note required when on an approved work site / IP?

2FA note required when on an approved work site / IP?

Hi Everyone,

My company is looking to harden our Atlassian cloud subscription by employing Atlassian Access. I want to set up IP whitelisting so when a user signs in from our workplace, MFA is not required, but when they sign on from a location away from work such as home, MFA is required. Is there a way to accomplish this using Atlassian Access?

Regards.

John

1 answer

1 vote

Hey @John Gilbert ,

Atlassian doesn't support this level of configuration on native Atlassian accounts, but every major identity provider (like Azure AD, Okta, Google, or Onelogin) does. And typically it's configurable by application (so you can set up specific policies for when users are authentication to Atlassian cloud).

So what you would do is use Atlassian Access to configure SAML SSO with your identity provider. Atlassian then delegates authenticatino out to the identity provider, where these controls can be enforced.

Atlassian's native features like IP allowlisting and session duration limits can then become complementary controls that ensure that a user cannot authenticate on a secure network, and then continue to use Atlassian cloud on an insecure network without re-authenticating.

Here are some sample docs from Azure AD and Okta to show you what I mean:

You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.

Product Q&A

Community resources

Support

Top groups

Community resources

Support

Learn

Community resources

Support

Events

Community resources

Support

Get product advice from experts

Join a community group

Advance your career with learning paths

Earn badges and rewards

Connect and share ideas at events

2FA note required when on an approved work site / IP?

1 answer

Suggest an answer

Was this helpful?

Thanks!

TAGS

Atlassian Community Events