Polar SSO ensures a smooth and secure login experience across Atlassian's family of server products.
SAML Single Sign-on
SAML allows users to log in using your organization's central login system (also known as a SAML identity provider).
Users log in once with the SAML identity provider, after which they can log in to JIRA directly, without username or password.
Polar SSO supports any provider which can speak SAML, such as Microsoft AD FS, Azure AD, Auth0, Google G Suite, Okta, and OneLogin.
Active Directory Single Sign-on
Kerberos enables users on Active Directory-joined devices to log in directly into using their Active Directory session tickets.
The browser sends a service ticket on behalf of the user, which Polar SSO validates. The user is then logged in. No user interaction is needed.
Passwords are problematic because they are often weak, lost, stolen or reused in systems outside your control.
By configuring a multifactor policy, administrators can enforce verification of an additional factor before users are allowed to log in.
Users can verify using any FIDO-compatible security device, including Windows Hello, MacOS Touch ID, portable security keys (Yubikey, Titan etc).
Also supported is one-time (TOTP) codes from apps such as Microsoft Authenticator, Google Authenticator or Authy.
Polar SSO Policies can be configured to require verification every time the user logs in, or just once per device. Different policies may apply, depending on who is logging in from which network location.
Password-less login with fingerprints or face recognition
Windows Hello, MacOS Touch ID and PIN-verified security keys enable a completely password-less and secure login experience.
These devices support user verification AND two-step verification in a single, integrated user interaction.
Password-less login allows users to log in using their fingerprint, face or security key, without typing passwords or performing extra two-step verification steps.
WebSudo reverification without passwords
Jira and Confluence protects access to administrative functions by requiring that admin users reverify before they can enter the admin interface. (Also known as Secure Administrator Sessions)
Polar SSO allows users to reverify using their SAML provider or by using their fingerprint- or PIN-protected FIDO security key.
This is especially useful for SAML provisioned accounts, since these users normally do not have a password in Confluence or Jira.