We recently went to managed accounts, and along with that, changed our email addresses (due to lack of availability of the domain we wanted to verify.)
The new addresses work; managed accounts are created for users who are logging in with them.
The problem is, since Jira Cloud doesn't enforce any kind of session timeout, there's nothing to prevent users from staying logged in with their old accounts, which are not covered by the security policies we've set at the org level.
Is there any way, as an admin, I can force all users to log out of Jira Cloud so they are then forced to log back in with their new accounts? Even if I disable site access on the old accounts, as long as their session is still active (which seems to be permanently in Cloud), they will continue to have access.
Hello Esther,
Thank you for providing the complete goal you’re wanting to accomplish along with exactly what you need to get this done. The simple answer to if you’re able to log out user yourself is no. The longer answer is, Support should be able to work with you to accomplish your goal.
We went to create an issue to help you along with this but was unable to find which instance you wanted the users logged out of. With this said, we ask you to create a support request and specify the instance you want the users logged out of. To create a support request, please navigate to https://support.atlassian.com/contact/#/ and select “Technical issues and bugs”, then select your product family choosing cloud and enter your instance domain.
If you run into any issues along the way, please do let us know so we may help to expedite this process for you.
Regards,
Stephen Sifers
Hi Stephen,
I am having similar situation. We deployed SAML authentication recently and we like to make sure all users are logging via SAML authentication.
1. I see release note today which related to "Session Duration Management". (https://confluence.atlassian.com/cloud/session-duration-management-976763148.html)
, will it helpful to log out users if no interactive session from user ?
2. Do I need to reach Atlassian Support to log out all my users from instance ?
Thanks in advance for your response.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Manikandan Muruganandam - I had the same question, and contacted Atlassian support. This is their response.
"You are right, because of the SAML SSO integration, reseting the users' password won't have any affect in the way they log in.
However, even if they don't use the Atlassian password to log in, the reset password feature will force them to log out.
Unfortunately, this is the only option available at the moment.
Let me point out, this matter was analyzed previously and it was decided to not have another forced log out option (one that doesn't make things confused as you have mentioned).
Having users working and for no reason being logged out can cause a great negative impact on their experience."
In my opinion, this isn't a great solution; I'd prefer to communicate to my users that they were going to be force-logged out, rather than them getting confusing emails from Atlassian telling them to reset their password, when they don't actually have a password thanks to SAML/SSO. But that's what we're stuck with.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello Atlassian Community,
Just making a follow-up post to close the loop on the current state of this.
In the following feature request, https://jira.atlassian.com/browse/ID-7216 , in Scenario 1 it is stated that when resetting the password on behalf of the users, "The users won't be asked to create a new password, nor receive any notification."
Cheers,
N
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
 
 
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.