Authentication policies in Atlassian Access
What are authentication policies?
Admins can set authentication policies with managed accounts and apply the authentication settings to members.
The authentication settings that can be configured through policies are:
- single sign-on (SSO)
- enforced two-step verification (2SV)
- password policies (password strength, password expiry)
- session duration
Why apply multiple authentication policies?
There are many reasons to have multiple authentication policies within an organization and the main ones are to:
- designate policies to specific user subsets
- test authentication setting functionality
How it works
Admins have the flexibility to define multiple authentication policies and apply them to different subsets of users in the organization to ensure each set of users have the appropriate level of security.
A separate authentication policy can be set up to test a SAML configuration by enabling single sign-on for a small test group before rolling it out to the whole organization.