Child pages
  • Connecting to JIRA for user management

Stash is now known as Bitbucket Server.
See the

Unknown macro: {spacejump}

of this page, or visit the Bitbucket Server documentation home page.

Skip to end of metadata
Go to start of metadata

You can connect Stash to an Atlassian JIRA instance to delegate Stash user and group management, and authentication.

Choose this option as an alternative to Atlassian Crowd, for simple configurations with a limited number of users. Note that Stash can only connect to a JIRA server running JIRA 4.3 or later.

Connecting Stash and JIRA is a 3-step process:

  1. Set up JIRA to allow connections from Stash.
  2. Set up Stash to connect to JIRA.
  3. Set up Stash users and groups in JIRA.

You can connect to JIRA either when you first run Stash, using the Setup Wizard, or at any time after setup is complete.

If using the Stash Setup Wizard to configure JIRA integration, we recommend that you make use of the automatic back-linking from JIRA to Stash.

(warning) You need to be an administrator in both JIRA and Stash to do this.

See also this information about deleting users and groups  in Stash.

On this page:

Connecting to JIRA

1. Set up JIRA to allow connections from Stash

  1. Log in as a user with the 'JIRA Administrators' global permission.
  2. For JIRA 4.3.x, select Other Application from the 'Users, Groups & Roles' section of the 'Administration' menu.
    For JIRA 4.4 or later, choose Administration > Users > JIRA User Server.
  3. Click Add Application.
  4. Enter the application name and password that Stash will use when accessing JIRA.
  5. Enter the IP address of your Stash server. Valid values are:
    • A full IP address, e.g. 192.168.10.12.
    • A wildcard IP range, using CIDR notation, e.g. 192.168.10.1/16. For more information, see the introduction to CIDR notation on Wikipedia and RFC 4632.
  6. Click Save.
  7. Define the directory order, on the 'User Directories' screen, by clicking the blue up- and down-arrows next to each directory. The directory order has the following effects:
    • The order of the directories is the order in which they will be searched for users and groups.
    • Changes to users and groups will be made only in the first directory where the application has permission to make changes.

2. Set up Stash to connect to JIRA

  1. Log in to Stash as a user with 'Admin' permission.
  2. In the Stash administration area click User Directories (under 'Accounts').
  3. Click Add Directory and select Atlassian JIRA.
  4. Enter settings, as described below.
  5. Test and save the directory settings.
  6. Define the directory order, on the 'User Directories' screen, by clicking the blue up- and down-arrows next to each directory. The directory order has the following effects:
    • The order of the directories is the order in which they will be searched for users and groups.
    • Changes to users and groups will be made only in the first directory where the application has permission to make changes.

3. Set up Stash users and groups in JIRA

In order to use Stash, users must be a member of the Stash-users group or have Stash 'can use' permission. Follow these steps to configure your Stash groups in JIRA:

  1. Add the stash-users and stash-administrators groups in JIRA.
  2. Add your own username as a member of both of the above groups.
  3. Choose one of the following methods to give your existing JIRA users access to Stash:
    • Option 1: In JIRA, find the groups that the relevant users belong to. Add the groups as members of one or both of the above Stash groups.
    • Option 2: Log in to Stash using your JIRA account and go to the administration area. Click Global permissions (under 'Accounts'). Assign the appropriate permissions to the relevant JIRA groups.

This integration will cause all JIRA users/groups to be fetched in Stash but only those that have the "Can use Stash" permission are allowed to log into the application.

This restriction for "can use" permission can be set as per the above 2 options.

 

Server settings

Setting

Description

Name

A meaningful name that will help you to identify this Jira server in the list of directory servers. Examples:

  • Jira Software
  • My Company Jira

Server URL

The web address of your Jira server. Examples:

  • http://www.example.com:8080
  • http://jira.example.com

Application Name

The name used by your application when accessing the Jira server that acts as user manager. Note that you will also need to define your application to that Jira server, via the 'Other Applications' option in the 'Users, Groups & Roles' section of the 'Administration' menu.

Application Password

The password used by your application when accessing the Jira server that acts as user manager.

JIRA server permissions

Setting

Description

Read Only

The users, groups and memberships in this directory are retrieved from the Jira server that is acting as user manager. They can only be modified via that JIRA server.

Advanced settings

Setting

Description

Enable Nested Groups

Enable or disable support for nested groups. Before enabling nested groups, please check to see if nested groups are enabled on the JIRA server that is acting as user manager. When nested groups are enabled, you can define a group as a member of another group. If you are using groups to manage permissions, you can create nested groups to allow inheritance of permissions from one group to its sub-groups.

Enable Incremental SynchronizationEnable or disable incremental synchronization. Only changes since the last synchronization will be retrieved when synchronizing a directory.

Synchronization Interval (minutes)

Synchronization is the process by which the application updates its internal store of user data to agree with the data on the directory server. The application will send a request to your directory server every x minutes, where 'x' is the number specified here. The default value is 60 minutes.

  • No labels