YouTrack Cloud 2024.3 Help

JetBrains Account Auth Module

The JetBrains Account authentication module lets users who have registered for a product or service from JetBrains log into YouTrack Cloud and connected services with their JetBrains Account credentials.

JetBrains account authentication module.

Enable JetBrains Account Authentication

To let users with existing JetBrains accounts log in to YouTrack, enable the JetBrains Account authentication module.

To enable the JetBrains Account auth module:

  1. From the Access Management section of the Administration menu, select Auth Modules.

  2. From the New module drop-down list, select JetBrains Account.

  3. Click the Enable module button in the header.

    • The JetBrains Account auth module is added to YouTrack Cloud.

    • The auth module is enabled and ready for use.

After the module is enabled, you can configure the optional settings, for example, to enable registration or add users to groups when they register a new account. For more information, see Additional Settings.

Settings

The settings are configured automatically when you add the auth module to YouTrack Cloud.

Setting

Description

Type

Displays the type of service that is enabled for authentication in YouTrack Cloud.

Name

Stores the name of the authentication module. Use this setting to distinguish this module from other authentication modules in the Auth Modules list.

Button Image

Displays the image used for the button that a user clicks to log in to YouTrack with a JetBrains Account.

Extension grant

Saves the value that is used to identify the authentication module when used for extension grants. If a value is provided, YouTrack will process requests to exchange access tokens that are issued by the authorization service for tokens that grant access to YouTrack.

To exchange access tokens successfully, the authentication module must be authorized in the third-party authentication service and enabled in YouTrack.

To learn how to exchange access tokens using the REST API, see Extension Grants.

Additional Settings

The following options are located at the bottom of the page. Use these settings to manage account creation and group membership and to reduce the loss of processing resources consumed by idle connections.

Setting

Description

User creation

Enables creation of YouTrack Cloud accounts for unregistered users who log in with their JetBrains Account. YouTrack Cloud uses the email address to determine whether the user has an existing account.

Restricted domains and emails

Restricts the creation of user accounts to users with email addresses from the specified domains or specific email addresses. To specify multiple domains or email addresses, enter each value on a new line.

YouTrack recognizes domains with or without the @ sign, which means that you can either specify the domain as @domain.com or simply domain.com.

This option is only available when you enable the User creation option.

If a user attempts to log in with a JetBrains Account that does not match the specified domain, then:

  1. YouTrack will not let the user log in and will show a relevant error message.

  2. YouTrack will not create a new account for the user.

  3. YouTrack will not add this JetBrains Account to the Logins list of an existing user account if such an account is found in the system.

Auto-join groups

Automatically adds new users to groups when they register themselves in YouTrack Cloud. You can select one or more groups. New users that auto-join a group inherit all the permissions that are assigned to this group.

We recommend that you add users to at least one group. Otherwise, new users are only granted the permissions that are currently assigned to the All Users group. Do not use this option to add users to groups that grant unnecessary access to sensitive data.

Connection timeout

Sets the period of time to wait to establish a connection to the authorization service. The default setting is 5000 milliseconds (5 seconds).

Read timeout

Sets the period of time to wait to read and retrieve user profile data from the authorization service. The default setting is 5000 milliseconds (5 seconds).

Audit

Links to the Audit Events page in YouTrack Cloud. There, you can view a list of changes that were applied to this authentication module.

Actions

The following actions are available in the header:

Action

Description

Set default

Designates the authentication module as the default for your YouTrack site. Only one authentication module can be set as the default at any time. If another module is currently set as the default, that state is cleared.

This option is only shown when the current authentication module is not designated as the default.

Clear default

Removes the authentication module as the default for your YouTrack site.

If none of the available authentication modules are designated as the default, unauthenticated users are always directed to the Hub login page.

This option is only shown when the current authentication module is designated as the default.

Disable module

Disables the authentication module.

This option is only shown when the authentication module is currently enabled.

Enable module

Enables the authentication module.

This option is only shown when the authentication module is currently disabled.

Delete module

Removes the authentication module from YouTrack. Use only when you have configured additional authentication modules that let users log into your YouTrack site.

Last modified: 18 October 2024