The manual maintenance of users and groups (also called user provisioning) in Jira is cumbersome. Our new plugin ensures that new employees have immediate access to Jira and can be deactivated immediately.
Jira and Confluence are important tools, new employees need access to them from day one. We at linkyard for example create a personal orientation page for new employees with all the information they need. A new user is created in Confluence relatively easily, but the user lifecycle does not stop there. The employee gets additional responsibilities or leaves the company after a few years. Does your company have this entire process under control? Or do users remain in Confluence who actually left the company a long time ago? This is not only a problem from a compliance point of view, but also occupies user licenses, which ultimately costs more.
Central user management
It is therefore a good idea to solve user management centrally, either through a cloud service (Okta, OneLogin, Azure AD, Google Suite etc.) or in a full-fledged IAM tool (Omada Identity Suite, Sailpoint etc.). This means that users only have one account and one password and automatically get access to all the systems they need.
Why SAML alone is not enough
SAML or OIDC can be used to easily connect to Jira or Confluence, but SAML only solves the problem of authentication. Although users can be created automatically during authentication and sometimes also be assigned to groups, but only in the context of the login of this user. For example, a user is not visible in Jira until he or she has logged in for the first time, although it is quite possible that he should be assigned tasks before. User exits cannot be mapped with SAML: The user in question has de facto (unless he has set a password) no longer access to Jira because he can no longer authenticate himself, but he still occupies a license and appears as an active user. Likewise, SAML does not allow reconciliation, i.e. no comparison between the target data in the IAM system and the actual data in Jira or Confluence.
Efficient, simple and compliant
With SCIM 2.0 a standard for the automatic creation, mutation and deletion of users has been established. This is supported by most IAM cloud solutions and software products. With our app Automatic User Provisioning Jira, Confluence and Bitbucket can be fully connected to the central user and authorization management. Authorized users are automatically created, team changes immediately lead to correspondingly adjusted permissions and the user is automatically deactivated when leaving. This ensures that new employees can start working right away and at the same time increases security. Especially for companies with an ISO 27001 certification, it offers a great relief of work, as it eliminates the need for manually maintained leaving checklists and the tedious periodic checking of users and authorizations in the connected systems.
Quick and easy to set up
The integration of Jira, Confluence and Bitbucket is easy and done within max. 2 hours. We provide detailed instructions for the common IAM providers. If the solution you are using is still missing, we will be happy to help you set it up via videoconference if required.
We have placed special emphasis on making the setup as easy as possible and on direct feedback. For this purpose, we have integrated a special diagnostic mode in which all actions performed are directly visible.
Almost no configuration is required in Jira, you only need to provide the displayed information to your Identity Provider (One Login, Azure AD, etc.)
Schema with real data
Take a look at what you have to configure in the identity provider thanks to real-time data.
Activate the Request Log to see exactly what communication takes place between Jira and your Identity Provider. This way you can analyze and fix configuration problems within minutes.
Also in the future we will devote ourselves more and more to the development of Atlassian plugins to solve specific problems for our customers.