Authentication methods
Individual Access vs Managed Access
You can define how you want private git resources to be fetched from each provider. In the settings of Git for Confluence you can switch between the Individual Access (OAuth 2.0) method and the Managed Access (Token) method.
Individual Access (OAuth 2.0)
Confluence users are requested to sign in with their Git accounts when they try to share private resources on a Confluence page. Once signed in, they are able to share private resources.
This mode requires no setup from an administrator, however shared private resources might fail to render in the future when the Confluence user who shared the resource loses access to it. This is commonly caused when this user is leaving an organisation. You can migrate all their shared resources to recover from this. See Migration of consent
Managed Access (Token)
A Confluence admin must configure an access token that will be used for fetching resources from your git repository. Confluence users will be able to share private resources if the token has access to them. This mode enables you to have more control over the access to your git repository. All shared private resources will remain intact as long as the access token has access to the resource.
Managed Access is no longer supported for Bitbucket. Atlassian's security policy does not allow token collection from Atlassian applications for apps. As an alternative we can introduce an OAuth flow here to authenticate with a company account. We are collecting interest for that feature, let us know via a feature request.
Switching from Individual to Managed Access
All personal tokens from signed in users for the selected provider will be removed once the Shared Access Token mode is enabled. Users will also no longer be requested to sign in with their git account. Already shared private resources will remain intact as long as the configured access token also has access to the previously shared resources.
Switching from Managed to Individual Access
The previously configured access token will be removed. Users will now be requested to sign in with their git account before they are able to share new resources. Already shared private resources will no longer render until their owner signs in with git account.
Last updated