JetBrains Account Auth Module

Name

Stores the name of the authentication module. Use this setting to distinguish this module from other authentication modules in the Auth Modules list.

You can change the name of the authentication module using the Rename action. For more details, refer to Actions.

Organization

Stores the link to your organization in JetBrains Account. This field is displayed only when API access is configured.

Accounts imported to YouTrack

Displays the current number of users in YouTrack that logged in or were added as a result of synchronization with JetBrains Account.

User accounts discovered in JetBrains Account

Displays the number of user accounts that exist in your organization in JetBrains Account.

Last sync

Displays the last time when YouTrack synchronized user accounts between YouTrack and JetBrains Account.

Allowed domains and emails

Restricts the creation of user accounts to users with email addresses from the specified domains or specific email addresses. To specify multiple domains or email addresses, enter each value on a new line.

YouTrack recognizes domains with or without the @ sign, which means that you can either specify the domain as @domain.com or simply domain.com.

If a user attempts to log in with a JetBrains Account that does not match the specified domain, then:

1. YouTrack will not let the user log in and will show a relevant error message.

2. YouTrack will not create a new account for the user.

3. YouTrack will not add this JetBrains Account to the Logins list of an existing user account if such an account is found in the system.

Default

Sets the current authentication module as the default.

Customer code

Stores a unique number identifier of your organization in JetBrains Account.

You can find your customer code in your JetBrains Account, next to the organization's name.

Customer API token

Stores an API token for accessing the JetBrains Account API. By default, YouTrack generates an API token automatically during the first start of the instance.

You can replace the preconfigured token with your own by clicking Set new value. To learn how to generate your API token in JetBrains Account, refer to this article.

Scheduled sync

Determines the frequency with which user attributes and group memberships are synchronized with JetBrains Account.

If the setting is enabled, you can choose from one of three predefined intervals:

• Hourly

• Every 3 hours

• Daily at 9 AM

You can also launch the synchronization manually at any time by clicking the Sync organization users now button in the header.

If the setting is disabled, profiles and group memberships are still synchronized on a per-user basis during login.

The synchronization feature is only active when the authentication module is Enabled.

User creation

Enables creation of YouTrack accounts for unregistered users who log in with their JetBrains Account.

When user creation is disabled, only the following users can log in:

• JetBrains Account users who logged in to YouTrack using their JetBrains Account or were added as a result of synchronization with the JetBrains Account service.

• Users that are already present in YouTrack and have a matching allowed email, which is verified.

Auto-join groups

Automatically adds new users to groups when they register themselves in YouTrack. You can select one or more groups. New users that auto-join a group inherit all the YouTrack permissions that are assigned to this group.

We recommend that you add users to at least one group. Otherwise, new users are only granted the permissions that are currently assigned to the All Users group. Do not use this option to add users to groups that grant unnecessary access to sensitive data.

Extension grant type

Saves the value that is used to identify the authentication module when used for extension grants. If a value is provided, YouTrack will process requests to exchange access tokens that are issued by JetBrains Account for tokens that grant access to YouTrack.

To learn how to exchange access tokens using the Hub REST API, see Extension Grants.

Connection timeout

Sets the period of time to wait to establish a connection to the JetBrains Account service. The default setting is 5000 milliseconds (5 seconds).

Read timeout

Sets the period of time to wait to read and retrieve user profile data from the JetBrains Account service. The default setting is 5000 milliseconds (5 seconds).

Changes made to JetBrains Account

Links to the Audit Events page in YouTrack. There, you can view a list of changes that were applied to this authentication module.

Test login

Lets you authenticate using the JetBrains Account service to test if users are able to log in.

Sync now

Launches the synchronization of users between the JetBrains Account organization and YouTrack.

Enable

Enables the authentication module.

This option is only shown when the authentication module is currently disabled.

Disable

Disables the authentication module.

This option is only shown when the authentication module is currently enabled.

Rename

Lets you update the existing authentication module name and change its default icon.

You can find this action in the More options (...) menu.

Delete

Removes the authentication module from YouTrack. Use only when you have configured additional authentication modules that let users log into your YouTrack installation.

You can find this action in the More options (...) menu.