...
Guide for disabling in Jira:
https://confluence.atlassian.com/adminjiraserver073/configuring-secure-administrator-sessions-861254024.html
In Confluence, please navigate to the address <your_confluence_url>/admin/viewsecurityconfig.action and turn off the value “Secure administrator sessions”.
In version 5.1.0 of Kantega SSO re-login via a SAML or OIDC based Identity Provider has been added to perform websudo (see below image).
...
User Directories
How are Kerberos users mapped to accounts in User Directories?
...
This is by design and default activated on Jira and Confluence. If you would like .
In version 5.1.0 of Kantega SSO re-login via a SAML or OIDC users to be able to enter the admin section without entering their passwords, Atlassian has a way of disabling secure administrator sessions (WebSudo)https://confluence.atlassian.com/adminjiraserver073/configuring-secure-administrator-sessions-861254024.htmlbased Identity Provider has been added to perform websudo (see below image).
...
See also some consideration regarding when you can use a password to log into websudo here: https://kantega-sso.atlassian.net/wiki/spaces/KSE/pages/1769694/User+provisioning#A-note-regarding-admin-users-and-websudo-(secure-admin-sessions-in-Jira-and-Confluence)
API Tokens
User accounts gets locked out when API tokens gets invalidated or expires. How can I prevent this from happening?
...