
Enable organization admins to view the authentication policy and method each user utilized when logging into Atlassian.


      Problem Definition

      Some admins have users logging in through SSO, social login (e.g., Continue with Google), or the default method (Atlassian account email and password), but they cannot see which login option a given user used or which authentication policy that user is assigned to.

      Suggested Solutions

      Include the authentication policy and the authentication method used by the user in the organization audit log.


            Stefan Papakostopoulos added a comment (edited)

            Hi from CES-53693
            I'd like for the logs (I'm talking about audit logs sent to a SIEM via webhook) to contain information on which authentication policy was used (by name and ID), and the current settings of the authentication policy (since they can change).

            In the JSON for the audit event "action": "user_login" it would be nice to either add another block or add more information under context. attributes.context.attributes.authFactors shows I had SAML authentication, but what if there is more than one IdP and more than one authentication policy requiring single sign-on? Perhaps consider adding something like

            authenticationPolicy.Name

            authenticationPolicy.Id

            authenticationPolicy.SingleSignOnEnforced (true/false)

            authenticationPolicy.SingleSignOnIDP (IDP Entity ID from the associated SAML configuration)

            authenticationPolicy.ApiTokens (true/false)

            authenticationPolicy.IdleSessionDuration

            etc. and all the fields like Password Requirements and expiration for policies that are not enforcing single sign on.

            Fields should be null if not set, but present for consistent reporting/visualization. 

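As an added example for the SIEM use case in the comment above (not Atlassian code and not the commenter's; the only schema facts taken from the page are the action name "user_login" and the path attributes.context.attributes.authFactors, everything else, including the actor key, the sample events and the hypothetical authenticationPolicy block, is assumed or constructed): a normaliser that flattens webhook audit events into fixed-shape records, fills the requested policy fields with null when the event does not carry them, and reports which users logged in without SAML.

```python
"""Normalise Atlassian audit "user_login" events for consistent SIEM reporting.

Added example, not Atlassian code. Only "action": "user_login" and the path
attributes.context.attributes.authFactors come from the page; the actor key,
the authenticationPolicy block and the sample events are assumed/constructed.
"""
import json
from typing import Any, Iterable, List, Optional

# Fields a dashboard wants present on every record, null when unknown
# (the field names follow the proposal in the comment; the block itself is hypothetical).
POLICY_FIELDS = (
    "authenticationPolicy.Name",
    "authenticationPolicy.Id",
    "authenticationPolicy.SingleSignOnEnforced",
    "authenticationPolicy.SingleSignOnIDP",
    "authenticationPolicy.ApiTokens",
    "authenticationPolicy.IdleSessionDuration",
)

# Constructed JSON lines, modelled on the path named in the comment; not real output.
SAMPLE_LINES = [
    '{"action": "user_login", "attributes": {"actor": {"email": "alice@example.com"},'
    ' "context": {"attributes": {"authFactors": ["SAML"]}}}}',
    '{"action": "user_login", "attributes": {"actor": {"email": "bob@example.com"},'
    ' "context": {"attributes": {"authFactors": ["password", "totp"]}}}}',
    '{"action": "user_login", "attributes": {"actor": {"email": "carol@example.com"},'
    ' "context": {"attributes": {"authFactors": "saml",'
    ' "authenticationPolicy": {"Name": "SSO policy", "Id": "pol-1", "SingleSignOnEnforced": true}}}}}',
    '{"action": "user_logout", "attributes": {"actor": {"email": "bob@example.com"}}}',
]


def dig(obj: Any, path: str) -> Optional[Any]:
    """Follow a dotted path through nested dicts; None if any hop is missing."""
    cur = obj
    for key in path.split("."):
        if not isinstance(cur, dict) or key not in cur:
            return None
        cur = cur[key]
    return cur


def as_factor_list(value: Any) -> List[str]:
    """authFactors may be absent, a single string or a list; always return a list of strings."""
    if value is None:
        return []
    if isinstance(value, str):
        return [value]
    return [str(v) for v in value]


def normalise(event: dict) -> dict:
    """Flatten one audit event into a fixed-shape record with every policy field present."""
    record = {
        "action": event.get("action"),
        "actor": dig(event, "attributes.actor.email"),  # assumed key, not from the page
        "authFactors": as_factor_list(dig(event, "attributes.context.attributes.authFactors")),
    }
    policy = dig(event, "attributes.context.attributes.authenticationPolicy")  # hypothetical block
    for field in POLICY_FIELDS:
        short = field.split(".", 1)[1]
        record[field] = policy.get(short) if isinstance(policy, dict) else None
    return record


def normalise_all(lines: Iterable[str]) -> List[dict]:
    """Parse JSON lines from a webhook feed and normalise each event."""
    return [normalise(json.loads(line)) for line in lines]


def logins_not_via(records: List[dict], factor: str = "SAML") -> List[str]:
    """Actors whose user_login event did not include the given factor (case-insensitive)."""
    wanted = factor.lower()
    return sorted(
        {
            r["actor"]
            for r in records
            if r["action"] == "user_login"
            and wanted not in (f.lower() for f in r["authFactors"])
        }
    )


if __name__ == "__main__":
    recs = normalise_all(SAMPLE_LINES)
    for r in recs:
        print(json.dumps(r))
    print("logged in without SAML:", logins_not_via(recs))
```

Because every record carries the same keys, a SIEM visualisation can group by authenticationPolicy.Name even before Atlassian emits the block; the nulls simply show up as "unknown" rather than breaking the chart, and the report at the end is the list an admin would review to find accounts not going through the IdP.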

              Assignee: Unassigned
              Reporter: João Nunes (jnunes@atlassian.com)
              Votes: 6
              Watchers: 18