Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-1017

Accounts synced from GSuite can't have their Atlassian 2SV reset

XMLWordPrintable

      Issue Summary

      The G Suite integration enables admins to let users decide how to log in: either with Google, or with their email + Atlassian password + (eventually) the Atlassian 2SV.

      If users want to login with Atlassian, and have 2SV (2FA) enforced by the org admin, the admin can't exclude a single user from 2SV (so that the user is able to reset it)

      Steps to Reproduce

      1. Claimed domain, Atlassian Access, managed accounts
      2. Enforce 2SV for everyone
      3. Connect G Suite, but allow users to chose how they want to log in.
      4. One user needs to reset their 2SV

      Expected Results

      The admin should be able to exclude only that user from 2SV, just as it's the case with non-provisioned accounts

      Actual Results

      The Atlassian organization shows that account as provisioned and the admin is asked to go to the identity provider for 2SV, when in fact it's the Atlassian 2SV that needs to be reset

      Workaround

      The admin can only disable the enforcement of 2SV for everyone, to allow that particular user to reset it.

      Authentication policies might help solve this issue, but currently this functionality is not rolled out to 100% of organizations.

            [ACCESS-1017] Accounts synced from GSuite can't have their Atlassian 2SV reset

            Anusha Rutnam made changes -
            Resolution New: Fixed [ 1 ]
            Status Original: Short Term Backlog [ 12074 ] New: Closed [ 6 ]
            Bugfix Automation Bot made changes -
            Support reference count Original: 1 New: 2
            Shilpa Kulkarni made changes -
            Status Original: Needs Triage [ 10030 ] New: Short Term Backlog [ 12074 ]
            phani made changes -
            Remote Link New: This issue links to "AXW-1178 (Jira)" [ 548340 ]
            Salil made changes -
            Assignee Original: Salil [ swadnerkar ] New: phani [ db8b9677423c ]
            Shilpa Kulkarni made changes -
            Assignee Original: Claudiu Lionte [ clionte ] New: Salil [ swadnerkar ]
            Shilpa Kulkarni made changes -
            Assignee Original: Bhabishya Kumar [ bkumar2@atlassian.com ] New: Claudiu Lionte [ clionte ]
            Shilpa Kulkarni made changes -
            Assignee New: Bhabishya Kumar [ bkumar2@atlassian.com ]
            Bugfix Automation Bot made changes -
            Support reference count New: 1
            Claudiu Lionte (Inactive) created issue -

              db8b9677423c phani
              clionte Claudiu Lionte (Inactive)
              Affected customers:
              0 This affects my team
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: