Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Forcing 2FA, instance access and user management

Sean Wood
Sean Wood December 13, 2022

Hi all,

I have a complex problem I wonder if anyone could help me solve.

 

  1. We run an instance of Jira Cloud
  2. We have built an application that is directly connected to Jira and uses Jira as the user management system
  3. We have our client and 3 vendors needing to log into our Jira instance
  4. Some Users and Vendors need to access jira. Others Just need access to our Application

The issue:

  • We would like to be able to Force 2FA for our Client and Vendor users - but as we don't own their Domains we cannot do this ourselves

The Ask:

  • Is it possible for our client to set up their own Atlassian Access instance and not pay for any other service but Atlassian Access and force their own users to turn on 2FA - And at the same time have them access our Cloud instance of Jira?

Cheers,

Sean.

 

Answer
Watch
Like Be the first to like this
522 views

2 answers

1 accepted

1 vote
Answer accepted
Dave Meyer
Dave Meyer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 21, 2022

@Sean Wood the answer to your question is yes. Your client could verify their domain, subscribe to only Atlassian Access, and enforce mandatory 2FA for users. We are also working on a 2FA capability that can be enforced on users you don't manage https://www.atlassian.com/wac/roadmap/cloud/external-user-security-eap?search=external&p=b8d50209-93

View More Comments
Sean Wood
Sean Wood December 21, 2022

@Dave MeyerThank you for this. Great news. I also found this which I have applied for:

https://jira.atlassian.com/browse/ACCESS-102

 

Cheers,

Sean.

Like Steffen Opel _Utoolity_ likes this
Reply
0 votes
Joseph Chung Yin
Joseph Chung Yin
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 14, 2022

@Sean Wood 

Hi Sean:

In general, Atlassian Access is for customers to use his/her own IDP to control users management against Atlassian's products.  So, it is my opinion that you cannot use it if you don't use any Atlassian products.

Secondly, accessing your Jira Cloud env requires user licenses.  Therefore your clients will need to be licensed.  Have you thought of setting up your clients with as your domain's users? Are you using Atlassian Access now to enforce 2FA against your env?

Best, Joseph Chung Yin

Jira/JSM Functional Lead, Global Infrastructure Applications Team

Viasat Inc.

View More Comments
Sean Wood
Sean Wood December 14, 2022

Hi Joseph,

Really appreciate you replying to my question. Thank you.

We could provide our clients and vendors with an email address so they could use this. It is one option.

We do not have 2FA forced via Atlassian but we have 2FA turned on Via SSO. The client does not have any SSO provider.

 

As an alternative we are thinking of upgrading to Jira Premium and whitelisting IP's as the client uses VPN Exclusively.

 

Thanks again for the information and input.

Cheers,

Sean.

Like
Joseph Chung Yin
Joseph Chung Yin
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
December 15, 2022

@Sean Wood -

Great.  If my suggestion helped you, please click on Accept answer when you have a chance.

Best, Joseph

Like
Reply

Suggest an answer

Log in or Sign up to answer
Atlassian logo
Atlassian Guard
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

    See all events