Page History
...
- Identity Services implement authentication methods and access to Identity Providers. For example, credentials such as user account/password can be used as an authentication method to access an LDAP Directory Service as the Identity Provider.
- The JS7 supports a number of Identity Services:
- Build-in Identity Services
Display feature availability StartingFromRelease 2.2.0 - JS7 - JOC Identity Service, see
Jira server SOS JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 6dc67751-9d67-34cd-985b-194a8cdc9602 key JOC-1148 - JS7 - LDAP Identity Service, see
Jira server SOS JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 6dc67751-9d67-34cd-985b-194a8cdc9602 key JOC-1147
- JS7 - JOC Identity Service, see
Display feature availability StartingFromRelease 2.5.0 Display feature availability StartingFromRelease 2.6.0 - JS7 - Certificate Identity Service, see
Jira server SOS JIRA columnIds issuekey,summary,issuetype,created,updated,duedate,assignee,reporter,priority,status,resolution columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 6dc67751-9d67-34cd-985b-194a8cdc9602 key JOC-1547 - JS7 - FIDO2 Identity Service, see
Jira server SOS JIRA columnIds issuekey,summary,issuetype,created,updated,duedate,assignee,reporter,priority,status,resolution columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 6dc67751-9d67-34cd-985b-194a8cdc9602 key JOC-1546
- JS7 - Certificate Identity Service, see
- External Identity Services
Display feature availability StartingFromRelease 2.2.0 - JS7 - HashiCorp® Vault Identity Service, see
Jira server SOS JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 6dc67751-9d67-34cd-985b-194a8cdc9602 key JOC-1146
- JS7 - HashiCorp® Vault Identity Service, see
Display feature availability StartingFromRelease 2.3.0 - Keycloak®, see
Jira server SOS JIRA columns key,summary,type,created,updated,due,assignee,reporter,priority,status,resolution serverId 6dc67751-9d67-34cd-985b-194a8cdc9602 key JOC-1193
- Keycloak®, see
- Build-in Identity Services
...
The JOC Cockpit implements an access layer to integrate a number of Identity Services for Identity and Access Management (IAM).
Built-in Identity Services
- Built-in Identity Services ship with the JOC Cockpit and can be used out-of-the-box.
- The JS7 - JOC Identity Service for local user management does not include elaborated features such as password recovery, password complexity constraints, password rotation, etc. and is not intended for such purposes. Instead, this Identity Service is intended as a starting point for users who operate JS7 for testing purposes.
- The JS7 - LDAP Identity Service typically offers such features from an Identity Provider such as Active Directory.
- The JS7 - OIDC Identity Service offers a token based authentication scheme for direct interaction between the user and the Identity Provider.
- The JS7 - Certificate Identity Service works based on Client Authentication certificates that replace passwords.
- The JS7 - FIDO2 Identity Service offers authentication from use of a secure device.
External Identity Services
...
Permissions and roles are managed using the JOC Cockpit. User accounts and role assignments can be managed using either the JOC Cockpit Identity Service or external Identity Services. See the JS7 - Management of User Accounts, Roles and Permissions article for more information.
Use of Identity Services
...
Identity Services can be ordered to specify a sequence of preferred services for authentication.
Certificate Based Authentication
...
- enforce two-factor authentication with clients having to provide a certificate and a password,
- allow single-factor authentication using a certificate instead of user account/password.
Further Resources
...
Overview
Content Tools