Crowd SSO 1.0 Vs 2.0 behaviour against Bitbucket internal users
Platform Notice: Data Center - This article applies to Atlassian products on the Data Center platform.
Note that this knowledge base article was created for the Data Center version of the product. Data Center knowledge base articles for non-Data Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
Crowd SSO 1.0 allows Bitbucket internal users to log in.
Environment
Bitbucket - 6.10.0
Crowd SSO - 1.0
Crowd SSO - 2.0
Solution
If Crowd SSO 1.0 is enabled in the Bitbucket properties file with the following setting:
plugin.auth-crowd.sso.enabled=true
this allows all users (both Crowd and Bitbucket internal users) to log in, as if no SSO were in place.
The same is not true for Crowd SSO 2.0. Crowd SSO 2.0 allows you to:
- Either keep two separate login forms (Bitbucket and Crowd), where internal users log in through the Bitbucket form and Crowd users log in through the Crowd login form.
- Or allow only one kind of login, where Crowd users can log in and Bitbucket internal users cannot. This approach can be dangerous if there is not at least one admin account among the external (Crowd) users, since an admin whose account is internal to Bitbucket would be locked out.
- An administrator can choose between the two by navigating to Administration > SSO 2.0.