Configuring User Directories

By default, user information is stored in HipChat's internal directory in your HipChat Server database. 

You can choose to manage users in either:

  • HipChat's internal directory
  • an external directory, including JIRA, Crowd, Active Directory or other LDAP directories.
  • an external SAML 2.0 identity provider, including OneLogin, Okta or Active Directory Federation Services. 

Or a combination of these directories.

Using an external directory is useful if you want to grant access to users that are stored in a corporate directory or other directory server, or want to provide single sign-on.

It's a best practice to back up HipChat Server before you enable, disable, or make changes to the user directories.

 

Understanding HipChat Server's internal directory

The internal directory stores user information in HipChat Server's database.

The internal directory is enabled by default at installation. When you create the first administrator during the setup procedure, that administrator's username and other details are stored in the internal directory.

Gliffy-JIRA-Internal Copy

 

Diagram above: HipChat Server using its internal directory for user management.

Connecting to an external directory or identity provider

Here are a few things to keep in mind if you plan to manage users in an external LDAP directory or SAML identity provider. 

Groups

There are no LDAP or user group structures within HipChat Server. Find out how to filter users in LDAP.

User information

To make sure all your users synchronize from your external directory / identity provider to HipChat Server, the user information in your external directories must follow these standards:

  • All users must have email addresses
  • Users' full names must have the format of FirstName LastName

 

Ensure the HipChat group owner has a unique email address that doesn't exist in an external user directory. This allows the group owner to have administrative access to HipChat Server even when the external user directory isn't connected. Learn how to identify the owner.

Emergency admin login

If you have enforced SAML single sign-on only and there's a problem with your SAML identity provider, the HipChat administrator can use the Admin login link on the log in page to log in via HipChat's internal directory. 

 

Was this helpful?

Thanks for your feedback!

Why was this unhelpful?

Have a question about this article?

See questions about this article

Powered by Confluence and Scroll Viewport