...
- If the two applications you are linking trust each other and share the same user base, configure two-way authentication using Trusted Applications for both incoming authentication
| Excerpt Include |
|---|
| APPLINKS033:_Definition_Incoming_Authentication |
|---|
| nopanel | true |
|---|
| APPLINKS033:_Definition_Incoming_Authentication | nopanel | true |
|---|
|
and outgoing authentication | Excerpt Include |
|---|
| APPLINKS033:_Definition_Outgoing_Authentication |
|---|
| nopanel | true |
|---|
| APPLINKS033:_Definition_Outgoing_Authentication |
|---|
| nopanel | true |
|---|
|
. For example, you may link your internal Confluence instance to an internal JIRA instance. - If the two applications you are linking trust each other but do not share the same user base, configure two-way authentication using OAuth for both incoming authentication
| Excerpt Include |
|---|
| APPLINKS033:_Definition_Incoming_AuthenticationAPPLINKS033: |
|---|
| nopanel | true |
|---|
| _Definition_Incoming_Authentication |
|---|
| nopanel | true |
|---|
|
and outgoing authentication | Excerpt Include |
|---|
| APPLINKS033:_Definition_Outgoing_Authentication |
|---|
| nopanel | true |
|---|
| APPLINKS033:_Definition_Outgoing_Authentication | nopanel | true |
|---|
|
. For example, you may link your internal Confluence instance to an external (customer-facing) JIRA instance. - If you do not have administrative rights to the application that you are linking to (e.g. linking to a public FishEye instance), configure a one-way outgoing link authenticated using basic HTTP authentication or do not configure any authentication for the link. For example, you may link your external JIRA instance to a partner organisation's JIRA instance. An unauthenticated link will still allow the local application to render hyperlinks to the remote application or query anonymously-accessible APIs.
...
| Include Page |
|---|
| APPLINKS033:_gliffyAuthenticationTypesFlowchart | APPLINKS033:_gliffyAuthenticationTypesFlowchart |
|---|
| nopanel | true |
|---|
| _gliffyAuthenticationTypesFlowchart |
|---|
|
Flowchart above: Determining what authentication to configure for an Application Link
...
If you configure Trusted Applications authentication for your application (your servers have the same set of users and they fully trust each other), please be aware of the following security implications:
| Include Page |
|---|
| APPLINKS033:_securityTrustedAppsAPPLINKS033: |
|---|
| _securityTrustedApps |
|---|
|
If you configure OAuth authentication for your application (your servers have different sets of users and they fully trust each other), please be aware of the following security implications:
| Include Page |
|---|
| APPLINKS033:_securityOAuthAPPLINKS033: |
|---|
| _securityOAuth |
|---|
|
Screenshot above: Configuring authentication during application link setup
...
About Primary Authentication Types
| Include Page |
|---|
| APPLINKS033:_aboutPrimaryAuthTypes | APPLINKS033:_aboutPrimaryAuthTypes |
|---|
| nopanel | true |
|---|
| _aboutPrimaryAuthTypes |
|---|
|
About Impersonating and Non-Impersonating Authentication Types
| Include Page |
|---|
| APPLINKS033:_aboutImpersonatingAuthTypes | APPLINKS033:_aboutImpersonatingAuthTypes |
|---|
| nopanel | true |
|---|
| _aboutImpersonatingAuthTypes |
|---|
|
