Issue Summary

In the left-hand sidebar of the user profile, a few options appear:

• Personal access tokens
• Authorized applications
• Two-step verification

I am administering a Jira instance that does not use any of these options, and I do not wish for them to be displayed to my users.

Steps to Reproduce

N/A

Expected Results

N/A

Actual Results

N/A

Recommendation

Add a page for user profile administration in the User Management admin section that allows an administrator to show/hide the above three options and disable/enable the associated functionality if possible.

Workaround

• The JVM startup option -Datlassian.pats.enabled=false will disable Personal Access Tokens. The menu option will still be present, but the user is presented with a message stating that the functionality has been disabled for this Jira instance. This requires a restart to take effect.
• The JVM startup option -Datlassian.authentication.legacy.mode=true disables 2-step verification and removes that menu item from this screen. This requires a restart to take effect.
• An admin can inject custom .css into an Announcement banner to hide these elements on the page. (This is not supported by Atlassian.)