Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
None
Description
Problem Definition
When a user authenticates to Jira, a LoginEvent is triggered.
This event is used by the Audit Log to record when this authentication occurred.
Any type of authentication triggers the same event, meaning there's no way to know which type of authentication the user relied on.
This occurs because there's only one type of login event.
Suggested Solution
As a Jira administrator, it would be ideal if there was any way to differentiate between distinct authentication methods, such as (not a complete list):
- Authentication form.
- SSO (SAML or OIDC).
- REST API with basic auth.
- REST API with PAT.
Each authentication method implementation could then choose their specific login event, which would be listened by the audit log, enhancing the information on the logs.