Data Security & Privacy Policy
| Our enterprise SSO plugins for Jira and Confluence use the OpenID-connect protocol (www.openid.net) to connect with your favorite Single-Sign-On tool. Using an SSL connection (https://...) to connect to your OpenID-connect provider is strongly recommended and secures the connection between the plugin and your OpenID-connect provider. Also, you can set up the client to be confidential so that the plugin needs the configured client ID as well as a client secret to operate. As our plugins redirects your browser to your SSO provider, no password is transmitted to Jira or Confluence at all; it's all handled by your SSO provider. |
|---|
Key facts on Security & Privacy
encrypted HTTPS connection to your SSO provider
support for confidential OpenID-connect clients with client secrets
no storage of the user passwords in Jira/Confluence
integrity of the user data is ensured (signed ID tokens)