This project implements a set of plugins for authenticating users through Cloudflare Access on Atlassian products.
Currently supported Atlassian products versions:
- JIRA
>= 10 - Confluence
9 - Bitbucket
>= 9
⚠️ Earlier Atlassian products versionsFor earlier versions of Atlassian products, you must use up to plugin version 2.x.
Previously supported versions are:
- JIRA
>= 7.2until9.x- Confluence
6,7,8- Bitbucket
>= 6.xuntil8.x
These instructions apply to all supported Atlassian products, installed locally.
- Download the respective plugin from Releases page
- Login in the Atlassian application as administrator
- Go to Manage add-ons on the administration page or menu
- Select Upload add-on and upload the JAR you downloaded
- Go to System configuration or administration page
- Go to Cloudflare Access menu on the left side menu
- Setup your Cloudflare Access and server details
The configuration screen looks like below in all Atlassian products and the values to be placed in the required fields are available in your Cloudflare Access configuration.
| Option | Description |
|---|---|
| Token Audience (required) | Audience(s) from Cloudflare Access configuration page. Multiple audiences are allowed for the same authentication domain. |
| Authentication Domain (required) | Cloudflare Access configured authentication domain |
| Allowed Email Domain | Emails that match this domain will authorize with their Access JWT. All other emails will be required authorize again with their Atlassian credentials. |
| Match users by | Users can be matched by email or username field |
The configuration is stored and is kept between plugin and Atlassian updates.
Whenever a new version is released, admins will get a notification in Atlassian product UI indicating that a new version is available.
