Security settings

To manage security settings:

1. If you’re using the new navigation, select the Settings gear  in the top navigation bar. If you’re using the old navigation, select Administration in the left Nav menu.
2. On the left side of the page, select Platform in the Settings section.
3. Select the Security tab.

Use these options to configure security settings for your work:

• Server Name or IP: This setting must be configured for navigation from email to the application.
• Minimum Password Length: Controls the minimum length of a password. The minimum value is 8 characters.
• Minimum Password Uppercase: Controls how many uppercase characters are required in the password. The minimum number of uppercase characters is 1.
• Minimum Password Numeric Characters: Controls how many number characters are required in the password. The minimum number of numeric characters is 1.
• Temporary Links Expiration (Hours): Controls the time limit during which the links to reset a password or to get a new user account are valid. The minimum value is 1 hour. The maximum and default value is 24 hours.
• Session Timeout (Minutes): Controls the session timeout. If you have multiple tabs open and are working in one of them, none of them will time out. If you do not work in any of them for longer than the set timeout and one tab times out, all will time out.
• Enable Touchscreen: Turns on or turns off the touchscreen capability.
• Login Security: Controls the cookie security level at the login page.
  • Populate the login page with the last email: Select this option to store the user's email address in a cookie, allowing the email address field to be populated on the login page. The users have to enter only their password.
  • Do not populate the login page with the last email: Select this option not to store the email address in a cookie. The users have to enter their email address and password to sign in to Jira Align.
• Enable SSO: Allows the processing of single sign requests when enabled.
• Disable Manual Sign In: Controls if the users can access the application by manually signing in through the login page or by using the SSO. The default value is set to No. It is always set to No if the Enable SSO option is set to No. You can set the Disable Manual Sign In option to Yes only when the Enable SSO option is set to Yes. When the manual sign in is disabled:
  • Such security settings as Minimum Password Length, Minimum Password Uppercase, Minimum Password Numeric Characters, and Temporary Links Expiration (Hours) are disabled.
  • The Resend Password link in user properties in User details on the people page and in user’s profile is disabled.
  • Login page is not available for users.
  • Users created while the manual sign in is disabled do not receive a New User Setup email.
• SAML 2.0 Identity Providers: Allows you to use a SAML 2.0 Identity Provider to implement SSO. To add your SAML 2.0 Identity Provider, click Add SAML Provider, then copy and paste the SAML 2.0 Metadata XML. Under NameID Lookup By, select whether you want to use the Email or External ID field to authenticate Jira Align users by. User's External ID can be set on the Edit User page and synchronized through the external connectors. To save the information, click Save & Close. The SAML 2.0 Metadata will be validated and the entityID will be shown on the Configuration page. You can edit the SAML SSO configuration for the specific Identity Provider by clicking the pencil icon.
• Sign In URL: This option is only available when the manual sign in is disabled. Set this value to a URL that you want to direct users to when they try to access Jira Align and are not signed in. Use the token %AC-URL% in the URL to include the Jira Align requested URL in the redirect.
• Sign Out URL: Set this value to a URL that you want to direct users to when they click Sign Out.