Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-77581

As a Jira administrator I would like the audit log to differentiate between distinct authentication methods

    XMLWordPrintable

Details

    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      Problem Definition

      When a user authenticates to Jira, a LoginEvent is triggered.

      This event is used by the Audit Log to record when this authentication occurred.

      Any type of authentication triggers the same event, meaning there's no way to know which type of authentication the user relied on.

      This occurs because there's only one type of login event.

      Suggested Solution

      As a Jira administrator, it would be ideal if there was any way to differentiate between distinct authentication methods, such as (not a complete list):

      • Authentication form.
      • SSO (SAML or OIDC).
      • REST API with basic auth.
      • REST API with PAT.

      Each authentication method implementation could then choose their specific login event, which would be listened by the audit log, enhancing the information on the logs.

      Attachments

        Activity

          People

            Unassigned Unassigned
            tmasutti Thiago Masutti
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: