Is it possible to log in to jira using only one link

shadow.fang July 7, 2020

Our company wants to set up SSO for Jira and other systems, and wants to log in to Jira with only one link (the link contains the account password in cipher text, or a token). We would like to ask how this can be achieved.

I found this access method on the Internet: https://jira.xxxxx.cn/?os_authType=basic&os_username==&os_password=
However, the user name and password are in plain text, so it is dangerous and we decided not to use it.


I have considered writing a plug-in to complete this requirement, but I am stuck at this last step, because the last thing returned to another server is a link, which is clicked to log in.

The Jira version is 8.4.1, deployed on our own server.

4 answers

1 vote
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
July 10, 2020

Please look at any of the SSO apps available on Marketplace.

The original idea of "a link with something replacing the password" is a security nightmare in itself. What if someone steals your link?

Besides, consider all the possible ways Jira exposes links to itself, e.g. emails. For your solution to work, every possible link will have to be enhanced with such tokens.

Any tokens used for authentication must be generated on the fly, be short-lived, and be based on your credentials. Anything homegrown will require you to enter your credentials to generate the very link – so you end up with the same password-based login. What's the point?

Our app already mentioned above is EasySSO for Jira – we offer 5 different authenticators (NTLMv2, Kerberos, SAML, X.509 and HTTP Headers) to give you and your Solution Architects more choice in the SSO space.

In particular, if you are running a Windows Domain, then with NTLMv2/Kerberos you will achieve exactly what you are after but without any tokens exposed – the user clicks on a regular link (i.e. in the email) and is logged in automaGically through the power of Integrated Windows Authentication, all using industry-standard protocols supported by all major browsers. To be clear, it still does use ciphered tokens, but these are composed and sent by the browser automatically as headers with the request.
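Added example, not part of the original thread or of any poster's code: a link carrying `os_username` and `os_password` in its query string is recorded by the web server with every request, so the access log is one place to check whether such links have been used. The sketch below scans log lines for those two parameters and redacts their values; the combined log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, urlencode, urlunsplit

# Query parameters from the link quoted in the question that carry credentials.
SENSITIVE = {"os_username", "os_password"}

# Request line of an access log entry (assumed format): "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) (?P<proto>HTTP/[\d.]+)"')

def redact_target(target):
    """Return (redacted_target, exposed_param_names) for one request target."""
    parts = urlsplit(target)
    exposed, cleaned = [], []
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        # Only a non-empty value is an actual credential exposure.
        if key.lower() in SENSITIVE and value:
            exposed.append(key)
            value = "REDACTED"
        cleaned.append((key, value))
    return urlunsplit(parts._replace(query=urlencode(cleaned))), exposed

def scan(lines):
    """Yield (line_number, redacted_line, exposed_params) for offending lines."""
    for number, line in enumerate(lines, start=1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        redacted, exposed = redact_target(match.group("target"))
        if exposed:
            safe = line[:match.start("target")] + redacted + line[match.end("target"):]
            yield number, safe, exposed

# Constructed sample log lines (not from a real system).
SAMPLE_LOG = [
    '203.0.113.7 - - [07/Jul/2020:10:00:01 +0000] "GET /secure/Dashboard.jspa HTTP/1.1" 200 5120',
    '203.0.113.7 - - [07/Jul/2020:10:00:05 +0000] '
    '"GET /?os_authType=basic&os_username=alice&os_password=s3cr%26t HTTP/1.1" 302 0',
    '203.0.113.9 - - [07/Jul/2020:10:01:12 +0000] '
    '"GET /?os_authType=basic&os_username=&os_password= HTTP/1.1" 401 0',
]

if __name__ == "__main__":
    for number, line, exposed in scan(SAMPLE_LOG):
        print(f"line {number}: exposed {exposed}\n  {line}")
```

Any account that shows up in such a scan should have its password changed, since the log has already stored it in readable form.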

1 vote
Andrew Laden
Rising Star
July 10, 2020

EasySSO is another add-on that can help with single sign-on options.

0 votes
Lars Olav Velle _Polar SSO_ July 10, 2020

Hi @shadow.fang 

Polar SSO is a brand new single sign-on app from our company that, in addition to traditional SAML and Kerberos, also offers two-factor authentication and password-less login (using e.g. face and fingerprint, Apple Watch, etc.).

It also offers the simplest setup of all your choices out there.

Cheers,

Lars

0 votes
Capi [resolution]
Atlassian Partner
July 7, 2020

Hi @shadow.fang

It's generally not a great idea to create your own plugin for security requirements. What starts like a small project might grow and become unmanageable when you start identifying loopholes, bugs, additional requirements and other maintenance issues to keep the plugin up to date with Jira.

I recommend having a look at solutions in the Atlassian Marketplace like our app SAML SSO, which will help you use established protocols and leave the development complexity to us. Our team can help you set it up and walk you through all the configuration options. There are additional options like OAuth if that's the way you want to go.
