Care about security? We do too. Learn what Atlassian does and what you can do too.
Need to test security settings? Learn how with authentication policies.
Eager to configure? Read on about single sign-on.
Manage password policies for users? Set up two-step verification and idle session duration.
Stay on top of data across your organization with all the reports and tracking options we offer.
Learn about where your cloud product data is hosted and the types of data you can move.
Control how users and apps access your Atlassian cloud products.
Set up and manage BYOK encryption to add protection for your sensitive data.
Set up and manage data security policies to secure your organization’s data.
External user security includes these two types of policies for each organization.
External user policy
External user policy
An external user policy allows you to apply security settings to external users. The settings apply to all the external users in your Atlassian organization.
A test policy allows you to test external user security settings for a few users before you roll them out to all your external users. You can add up to 5 external users to a test policy.
After you turn the settings on, they may take a few minutes to apply to external users. When you’re ready to roll out external user security, you can turn the settings on for all your external users from the external user policy.
Learn how to set up a test policy
Review external users before you apply settings
Review the external users in your organization before you change security settings. To review external users and their details, you can export a CSV file of the external users. The export contains information about each external user in your organization.
Learn how to export users
By default, we don't require external users to verify their identity with two-step verification. You need to turn settings on to require two-step verification. When you turn settings on, all external users need to complete two step-verification.
When external users try to access product data in your Atlassian organization, we ask them to verify their identity with a temporary one-time passcode that we email them. Learn about the one-time passcode experience for users
You can turn these settings on and off, but you're unable to change the two-step verification or verification frequency setting.
By default, we don't require external users to re-enter a one-time passcode every seven days. You need to turn settings on to require verification frequency. When you turn settings on, all external users need to verify their identity every seven (7) days.
API token access
You’re able to control API token access to products in your organization with the API token access setting. This setting affects all external users within the organization.
Was this helpful?