Versions Compared

Old Version 2

changes.mady.by.user Jon Espen Ingvaldsen

Saved on

compared with

New Version Current

changes.mady.by.user Ole Kristian Aune

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Integrated Windows Authentication / Kerberos gives the end-user access to Atlassian products without entering user name a username or password. It is typically used in an enterprise LAN , and is the preferred choice for Windows domains and Microsoft Desktop environments. 

...

IWA / Kerberos requires that client machines have access to a Key Distribution Center (KDC), which in the Windows world generally means Active Directory. For security reasons, AD is generally not reachable outside the local network/corporate intranet, making Kerberos mainly applicable within a company.

Combine Kerberos with other SSO mechanism

It is perfectly fine to combine IWA with other SSO mechanisms such as SAML or OpenID Connect (OIDC). In such a combination, IWA provides hassle-free login experiences when the user is present at his desktop machine on in the office, while SAML enable / OIDC enables the user to log in when they are on the run go outside the office or when accessing from cellphones or other non-Kerberos compatible devices.

Kerberos for Git

Kantega SSO Enterprise for Bitbucket allows you to utilize the Kerberos protocol to authenticate users logging into Bitbucket as well as to authenticate their Git commands.