How to Enable CAC/PIV Authentication for Your Atlassian Products

April 27, 2020 | by Anjana Ramesh | Posted In Atlassian, CAC/PIV Authenticator

CAC/PIV Authentication for Atlassian Suite

Government organizations in the US need to adhere to a mandatory, government-wide standard for secure and foolproof two-factor authentication in order to protect facilities and IT systems. As a result, the US government has issued smart cards called CAC (Common Access Cards used by the Department of Defense) and PIV cards (Personal Identity Verification cards used in other branches of the US government) to all government employees as a standard authentication system. This enables them to gain access to buildings and controlled spaces as well as computer networks, systems, and online resources. An employee’s CAC/PIV card and a personal identification number are the two credentials that a two-factor authentication system requires.

Many government organizations use Atlassian products to run their mission-critical projects and operations for more effective collaboration. These organizations need a robust solution that extends smart card access control to Atlassian tools to ensure right users have the right access. The solution must enable secure access to Atlassian tools for valid CAC/PIV card holders, without compromising on operational ease and speed. Goldfinger’s CAC/PIV Authenticator is an easy-to-install solution that meets these requirements.

Enable CAC/PIV authentication for Atlassian Suite using Goldfinger’s CAC/PIV Authenticator

Our CAC/PIV authenticator solution equips all Atlassian products like Jira Software, Jira Service Desk, Jira Core, Bitbucket, Bamboo, and Crowd with CAC/PIV authentication capabilities. The authenticator uses client certificates for authentication, thereby protecting critical systems from unauthorized access. It offers Atlassian users quick and easy access to all the applications without any complexities.

How does the solution work?

The solution can be easily integrated into an organization’s current environment and infrastructure. By default, when users are attempting to log in to any of the Atlassian applications, the application prompts the users with their Atlassian user ID and password.  If the user is a valid CAC/PIV card holder, he automatically logs into the Atlassian application on successful user authentication.

The authentication process

A validated client certificate is stored on the user’s PIN-protected smart card. The solution accesses the certificate through the user’s internet browser to authenticate the user. In some cases, the browser prompts the user to select the certificate. Otherwise, the solution automatically validates the default certificate installed into the browser.

Subsequently, the solution compares the user credentials fetched from the client certificate with Atlassian’s user directory to check if the user is authorized to access the application.

Once authenticated, the user logs in and gains access to all the permitted features associated with the Atlassian application.

Key features of the CAC/PIV Authenticator solution

Quick and easy sign-on: The CAC/PIV Authenticator grants quick and convenient sign-on options that enable hassle-free access to the Atlassian Suite.

Easy and quick installation with no hidden costs: You can quickly install the plugin and integrate it with your IT system by following the instructions in the installation guide. Subsequently, you get instant access to the app, which is not based on any other solution or service. Therefore, the solution does not incur additional costs.

Advanced compatibility: The solution provides access to all compatible Atlassian products including the Atlassian Data Center. It also allows you to easily customize accessibility to the applications by setting role-based permissions.

Benefits of the CAC/PIV Authenticator solution

Secure identification with reliability: The solution meets the demand for a secure, robust form of identification while maintaining mission-critical reliability.

Common authentication for all systems: Users can access the Atlassian applications with the same CAC/PIV card used to access all the physical facilities and computer resources.

Establishes accountability: It helps to foster security and accountability practices tied to the identity of individual Atlassian users.

So, is this CAC/PIV Authenticator solution confined only to the government organizations? No. Other organizations that use smart cards with client certification can deploy this solution to reap the same benefits.

Are you still using traditional authentication methods to access your Atlassian applications? If your organization is a smart card user, switch to our CAC/PIV Authenticator for your Atlassian Suite and enable secure and federal-compliant access control for your mission-critical Atlassian applications.

Watch this video to see our CAC/PIV Authenticator in action!

Do you have more questions? Please feel free to talk to our experts today!