Managing Permissions for a Mega Group with Crowd

Atlassian’s Crowd is an identity management tool that allows businesses to centralize users from all of their directories in one location for authentication and authorization of access for web applications. Crowd acts as a single source of truth by allowing the management of all users, groups and directories in one central place.

Our client wanted to use Crowd to manage permissions for a very large number of users, but Crowd has a limitation around bulk assignment of users that created a stumbling block, until E7 determined a workaround. 

The Challenge

  • Associate 6500 existing Crowd users to a new group to be used by an integrated JIRA’s permission scheme and potentially other integrated applications

The Facts

  • E7’s client uses Crowd to manage all users for a large number of applications, including JIRA
  • E7 has to maintain Crowd as the official source of truth for all user access privileges and permissions
  • CROWD does not enable bulk assignment of users to groups
  • With over 6500 users to manage, it is not reasonable to update permissions manually in Crowd

The Solution

  • Use the built in functionality of JIRA to bulk assign individual users to groups
  • Generate a list of users in csv format
  • In JIRA’s “Bulk Edit Group Members” page, paste the list of users and click “Add Selected Users”
  • If processing a long list of users (like our 6500 users), Jira may show a proxy error but know that it is still working in the background.
    • You can verify that the list is still being processed by looking at the number of people in the group on either Jira or Crowd.
  • E7 established this client’s JIRA instance so that it has read/write capability and can update the Crowd database
    • The systems (Crowd and JIRA) are set to auto-synch every few minutes

The Results

E7’s client has a central, single group in Crowd to manage permission levels for all 6500 users, that is integrated with JIRA and other applications.