Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Confluence and Jira Questions - Two-Factor and Data Encryption

Kevin Lu
Kevin Lu
Contributor
January 11, 2024

Dear Confluence and Jira Experts,

I just got off a team meeting and the manager wants me to find out two things,

1. For Confluence's space, is there a way to set to a group of users and set up additional authentication check, say password or token (sent to user's email)?

2. For Confluence and Jira, how do we find out where the data is stored? Also, we need to find out the data encryption of the data (files, folders etc) we uploaded to Confluence and Jira.

Thanks!

Kevin

Answer
Watch
Like Be the first to like this
340 views

1 answer

1 vote
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 11, 2024

Welcome to the Atlassian Community!

  1. Yes, you would need to implement some form of multi-authenticator access.  Assuming you are not using Atlassian Access, see https://support.atlassian.com/atlassian-account/docs/manage-two-step-verification-for-your-atlassian-account/
  2. For Cloud systems, see https://support.atlassian.com/security-and-access-policies/docs/understand-data-residency/
View More Comments
Kevin Lu
Kevin Lu
Contributor
January 11, 2024

Dear Nic,

Thank you for your reply.

For the first question, what I mean is assuming the users have already logged into their account and when they get to a space on Confluence, it again requires them to do the multi-authentication (or input their login password again) in order to prove they're the real people who have access to the space.

For the second question, I didn't get it working as my organization's URL is https://confluence.[organization_name].ca but the request says I must input atlassian in the URL. In this case, what do I do?

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 11, 2024

Ah, I see.

1.  I am sorry.  I missed reading the "in a space" bit at the beginning and jumped straight into MFA.

This cannot be done on a space by space basis on Cloud.  MFA is a global setting.

2. I gave you that link because you selected Cloud when telling us about your system.  The URL you've given is for a Server or DC installation. 

This will be being hosted by your organisation, so for both location and encryption settings, you need to ask your administrators.  (For what it's worth, a .ca domain means it is likely to be in Canada, or at least an AWS/Azure/Google region that covers Canada)

So, on the MFA, you can get close on Server/DC.  There are a number of MFA-enabling apps for Atlassian servers, and most of them allow you to divide your users into two groups;  "Must use MFA" and "Does not need MFA".

If you make sure the users in the first group do not have "view space" in the spaces you want to protect with MFA, you've got the protection you need.  But in a different shape.

There is another option, which is to implement this in the network rather than Confluence.  I have actually managed to do this, but I got a lot of help from two people who helped write Apache, and I don't think I could replicate it again.  What we did was move the MFA into the Apache we were using as a proxy in front of Confluence.  In there, we built a set of rules that said "If URL requested is https://ourconfluence.ourorg.com/spaces/<spacekey>/*, then demand MFA, if it's not already been done by this user".  (We did it for the admin sections as well)

Like Kevin Lu likes this
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.