Learn about security solutions and standards
Care about security? We do too. Learn what Atlassian does and what you can do too.
What is external user security?
People in your organization work with external users beyond your administrative control. For example, these people can be from outside your company or from different departments inside your company.
As an admin, you manage the tension between how to:
Give external users access to encourage collaboration with your employees
Prevent unwanted access to your data
External user security helps you protect data in your organization. You can require an extra step of security when external users try to access your organization’s data.
This is an example of how external user security works:
User logs in to Atlassian to access Confluence in Bancly Inc.
User clicks on Jira ticket from Acme Global but needs to verify their identity to view the ticket
User verifies their identity with a one-time passcode
User views Jira ticket in Acme Global
Limitations of external user security
External user settings don't apply in some cases. We won't verify the identity of external users when they:
View in-product notifications
View data through an app link
External user access to Atlassian products
External user security settings apply to all the external users in your Atlassian organization that use these products:
Confluence (includes Confluence guests) Learn more about Confluence guests
Jira Product Discovery
Jira
Jira Service Management (Atlassian accounts only)
External user access to Atlassian mobile apps
External user security settings apply to all the external users in your Atlassian organization that use these Atlassian mobile apps:
Confluence
Jira
Opsgenie
External user access to public content
An organization may make content available anonymously to users which means it’s public content. When you apply external user security to the organization, an external user may not be able to view the public content anonymously.
For instance, a user is not logged into an Atlassian account when they view content anonymously in an organization. If the user logs in, they can’t view the content because they are no longer anonymous. They are now an external user and must verify their identity to view content in the organization.
Was this helpful?
Still need help?
The Atlassian Community is here for you.