Single Sign-On (SSO) for Bitbucket
MantisHub supports single sign-on (SSO) with Bitbucket. This allows you to access your MantisHub account using your Bitbucket login credentials.
As well as adding convenience this can also provide extra security. Bitbucket supports two-factor authentication (2FA), so you may wish to have your users access MantisHub with either of these for a higher level of data security.
Firstly, administrators will need to install the plugin. Head to Manage - Manage Plugins and click the install button next to the AuthHub plugin listed in 'Available Plugins'.
Once installed, You can click on the plugin hyperlink to configure your SSO preferences. You need to define Bitbucket as your provider in the Federation Provider section.
You'll now see the option at the bottom of your login screen to connect into MantisHub with Bitbucket.
When you click on Bitbucket, it will require you to allow MantisHub to access your account. You'll need to allow access on the consent forms displayed. This should be a one time prompt.
The registered email in MantisHub for a user, must match a verified email address (primary or secondary) with Bitbucket.
The default setting allows users to log in using either their Bitbucket account OR with their MantisHub credentials. It is recommended to allow this for a test phase to make sure all works fine. Once the testing is completed, you can configure further AuthHub options such as:
- Force Lists - requires a subset or all users to use Bitbucket login by configuring the list of domains that are forced to use AuthHub authentication.
- Allow password login - allows a subset of users to login using their MantisHub credentials. This overrides the force list.
- Auto Provisioning - automatic creation of a MantisHub account on successful authentication to your provider.
For details on how to configure these options, read our Configuring AuthHub for SSO article.