Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
User Management types
This article shows three different ways to manage users in JIRA/Confluence. All types works perfectly together with our add-ons to provide Single Sign On.
In the order of best-practice that we see many of our customers implement in:
1. External LDAP synchronisation to sync & update Users
The preffered way from our perspective, is always to using a LDAP directory in JIRA, connected to the specific LDAP Server (e.g. Active Directory).
- There is only one single User management & provisioning side. No further administration are needed in JIRA/Confluence/Bitbucket.
- Proactive creation/update of Users and Groups on regular intervals (sync).
- Users have the ability/fallback to login with their password if the Single Sign On is disabled (due to failure for example).
- It is reducing the user management efforts substantially.
2. User Creation&Update through the add-on with the JIRA Internal Directory
Customers who cannot use LDAP sync (due to connectivity, policy or because they use another IdP) often use our Add-on to create & update Users in the internal directory. Compared to the LDAP directory, using the internal directory needs more work, because you need to take care of both sides (JIRA Internal directory and LDAP Server).
Furthermore, the User creation & update can only be done during every login. This means for example: An User will not be available in JIRA to assign a task before his first login. Or he may not get a new group assigned before he logs out & back in again.
This type is still preferred compared to manual User creation by many customers, but No 1 above is superior.
3. Manual User management
Still what a few of our customer do but it's usually only chosen for legacy or for policy restriction reasons.