Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Not allowing users with basic authentication accessing projects on a Jira cloud site

Jesper Halden
Jesper Halden
Contributor
January 24, 2022

I was wondering if its possible to enforce MFA/SSO etc. for all users no matter which domain they comes from?.....basically not allowing Basic authentication on projects in a site?

thanks

br jesper

 

Answer
Watch
Like Steffen Opel _Utoolity_ likes this
386 views

1 answer

1 vote
Angélica Luz
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 25, 2022

Hello @Jesper Halden,

Thank you for reaching out to the Atlassian Community!

When it comes to enforcing security policies, it’s only possible to do that with Atlassian access, and when the domain is verified.

If the domain is verified and SAML is configured, users from that domain will always be redirected to the identity provider to log in with SSO, otherwise, they will log in with email and password or use the Continue with Google/Microsoft/Apple.

Regarding MFA/2FA is also only possible to enforce for managed accounts. 

There is a feature request suggesting improvements for that:

Please, click on vote for this issue and also watch it to receive updates from our product managers.

Kind regards,
Angélica

View More Comments
Steffen Opel _Utoolity_
Steffen Opel _Utoolity_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
January 30, 2022

Thanks for the pointer, and fortunately the referenced feature request seems to be finally in the works as of 2022-01-14:

Good news - the ability to enforce 2FA on all non-managed users accessing your organisation's content is something that's currently in the works! You'll find it on our public roadmap too.

Thank you to everyone who offered their time and feedback on our prototypes. Your feedback has gone a long way in shaping what we're building! 

Keep your eyes peeled on this ticket for updates! 

Like # people like this
Reply

Suggest an answer

Log in or Sign up to answer
Atlassian logo
Atlassian Guard
TAGS
AUG Leaders

Atlassian Community Events

    See all events