Uploaded image for project: 'Identity'
  1. Identity
  2. ID-8378

Return 'MFA Enabled' status via REST API

XMLWordPrintable

    • 2

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      At present, the MFA status (enabled/disabled) of a user is not returned via UI or REST API, so there is no way for the admin to know whether the user has enabled it or not. While the CSV export for managed accounts provides this information, this is not possible with unmanaged accounts. 

      It would add value if the current GET user endpoint supported this property.

       

            [ID-8378] Return 'MFA Enabled' status via REST API

            Roland Flutet added a comment -

            duplicate of this: https://jira.atlassian.com/browse/JRACLOUD-80542

            Roland Flutet added a comment - duplicate of this: https://jira.atlassian.com/browse/JRACLOUD-80542

            Herson Peñaflor added a comment -

            I understand that Atlassian is pushing user administration via an Atlassian Access subscription but for organisations who are unable to subscribe to this, being able to return 2SV-related information linked to a user will be extremely helpful, especially if the Jira site allows access to users who are outside managed domains.

            There is currently no way to check whether a user outside a managed domain is enrolled in 2SV unless explicitly asking the user to send proof - which is an added burden to both end user and system admin.

            Herson Peñaflor added a comment - I understand that Atlassian is pushing user administration via an Atlassian Access subscription but for organisations who are unable to subscribe to this, being able to return 2SV-related information linked to a user will be extremely helpful, especially if the Jira site allows access to users who are outside managed domains. There is currently no way to check whether a user outside a managed domain is enrolled in 2SV unless explicitly asking the user to send proof - which is an added burden to both end user and system admin.

              Unassigned Unassigned
              ezhapa Enida
              Votes:
              2 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: