MantisHub team is excited to announce the release of Open ID federation support for single sign-on! With our AuthHub plugin, we provide open ID connect with multiple identity providers.
What is Open ID Connect? Well, in a nutshell, our AuthHub plugin allows you to enable federation based authentication for single sign-on (SSO). It also allows the auto-provisioning of users. So on valid authentication from your centralized identity provider, their MantisHub account is automatically created!
The following identity providers are supported with qualifying plans:
- Azure AD (Office 365) – for Platinum volume plans (200, 300, 500, 1000 users)
- Google / Google Suite – for Platinum volume plans (200, 300, 500, 1000 users)
- Github – for Gold plans and above
- Bitbucket – for Gold plans and above
Check out our pricing page for details.
For companies that use any of the supported identity providers, switching over to SSO rather than your standard MantisHub username password adds a wide range of benefits.
For your users:
- Users don’t have to manage yet another username and password as well as all the other advantages of SSO (single sign-on). So that means changing passwords just once! And if they are already logged in, just one click of a button will get into their MantisHub account!
- User accounts can be auto-provisioned, hence, no need to coordinate with an administrator or have a lag between needing to access MantisHub and being able to access it.
- User hashed credentials are not stored on MantisHub servers.
For your administrators and enterprise security:
- Users authenticating via your enterprise identity providers will honour policies configured by the administrator in accordance with your enterprise security policies. For example, using FIDO devices, multi-factor authentication, password complexity, recurring password changes, protection against password spray attacks, etc. are all enforceable.
- Once a user account is disabled, like when an employee leaves your company, administrators just need to revoke access in the one place and access to MantisHub and other federated SaaS applications access will be blocked.
- AuthHub can be configured to lock down a list of users or domains to only permit login via your identity provider while allowing other users to log in with MantisHub standard login.
- AuthHub plugin can be configured to allow auto-provisioning of users with your chosen access level on successfully sign-on. This can be scoped to a configured list of email address domains. This reduces manual work to onboard your team and reduces human error.
Want to get started?
Check out MantisHub’s knowledge base articles for more information including configuration options:
- Office365 Authentication
- Google Suite / Google Authentication
- GitHub Authentication
- Bitbucket Authentication
And if you have questions, please reach out to our lovely MantisHub support team.
If you’re already a MantisHub customer you know that having Mantis hosted rather than running it all yourself is a huge plus. Instant setup, no upgrade, maintenance or backups overhead and access from anywhere! You also get access to their excellent support team who can help out and listen to all your feedback.
One more bonus is extra features, like the ability to import your users into your system via CSV. Currently exclusive to MantisHub, it’s a huge time saver when setting up your MantisHub if you have a large number of users to add at once. No longer do you need to perform the repetitive task of adding them one at a time. And bulk updates are easy too!
So for a while, you’ve been able to import, so, acting on your feedback, we figured it was time to give him a wife and you can now export users as well! The wedding was beautiful ;).
Our customers asked for this feature to help them track and audit user accounts. Making sure users that need to, have the right access AND those users that no longer need it, don’t. So it’s a plus for security too!
The feature is on by default so you’ll see 2 buttons at the bottom of your ‘Manage users’ page. One to export user information across all projects and one for the specific project set in your project selector. And this is the tricky part <insert sarcasm here> Just click it!
So easy and you have all the info you need including their name, email, global access, project access level and their last login. Check out the details in the support article.
Always exciting getting to deliver those features that make customers happy (and their lives a little easier). Make sure to follow this blog and follow @mantishub on twitter to keep across all the goodies that are rolling out to MantisHub.
The beauty of hosting with MantisHub is that you will never need to worry about the retention, accessibility or integrity of the data stored in your MantisHub issue tracking system.
All the advantages of cloud hosting are at your fingertips. Like logging into your system from any place or any machine securely. No need to worry about the security of your servers or disaster recovery. MantisHub hosting is robust, reliable, and secure, with daily backups of your data.
With all this convenience, you still have access to export and extract your data in several ways. Whether you need to integrate it into another system, play around with some numbers, produce reports or simply for peace of mind, you’re covered with these features.
Download all MantisHub data
Any administrators within the system can access the backup option from the Manage page. From here they can generate a full backup of your MantisHub to get a snapshot of the database at any point in time. When you generate a backup, two zip files will be available for download :
- “database and configuration” file which contains a MySQL dump of your database and your configuration files.
- “attachments” file containing all attachments uploaded to your system.
You can upload the db.sql file to a local MySQL service for verification and access it from your favorite database viewer and analytics tools.
With the attachments, extract the zip files to get access to the attachment files. The attachment file names will be encoded and will have to be correlated with the database to get the file meta-data.
Here’s the KB article for more information on generating and downloading backups.
As MantisHub already create a full daily backup of your data you will probably never need to use it but it may be what you need to tick some boxes on your corporate policies checklist for security or data retention.
The filters within the My View page can allow you to display a specific set or subset or your issues. If you’re not yet familiar with how to use filters, check out this article and get to it as it will save you a heap of time trying to find the information you need.
Once you have grabbed the issues you are interested in, you have the option to Print Reports.
To print it, just click the button. You can print all the listed issues or further cull the list and just display those selected. There are two options to print to; to a Microsoft Word document or HTML and it will include the Issues Details view of your issues.
Step by step instructions can be found in this KB article.
Exporting to CSV or Excel
There is also the option provided to export issue details to CSV or Microsoft Excel also from the View Issues page. This means you can do a whole lot more with your data because you can plug these into other systems to manipulate how you want. For example, MantisHub has some in-built reporting but if you’re looking for specific statistics on your issues this option can allow you to generate graphs and tables using Excel or some other application that allows CSV import.
It’s important to note that you have to define what issue fields and information you want to be included in the export. This needs to be configured in the Managing Columns section. This can be configured at a project level by the administrator [Manage – Manage Configuration – Manage Columns] but users can override this within their personal preferences [My Account – Manage Columns]. All fields that can be exported (including your custom created fields) are listed in the All Available section. Have a read about it in the Managing Columns KB article. And help with exporting can be found in this article :).
If you have Mantis Time Tracking feature turned on, you can also export this information to Excel or CSV to get some statistics on time your team spent working on issues. This is available through the Time Tracking page that is added to the menu when you enable Mantis time tracking.
For the technically savvy you can access information from your MantisHub through our API. This does require programming knowledge and can be a super powerful tool for pulling specific information from your system and manipulating it as needed. You can retrieve details of your projects, configuration, users, issues and filters. And the API is continually expanding so keep an eye out. To read more about MantisHub API options check out this KB article.
So if you’re looking for that flexibility while still getting the convenience of secure, reliable service, there’s your data on a silver platter :).
IMPORTANT NOTE: MantisHub services are patched for wide-spread security threats Meltdown and Spectre. Action Required:- Users need to update their browsers and install latest updates for their operating systems. Read on for details…
Security of cloud information is always at the forefront of any SaaS provider and long gone are the days when security was treated lightly. MantisHub prides itself on our high-security rating and we’ve addressed many security queries and concerns of our customers. Many of the security measures we have in place are listed in our KB article here. As well as providing secure infrastructure with SSL, data encryption at rest and data isolation, our team stays on top of all the latest threats, taking precautions needed to ensure the safety of your data and your service.
The Latest threats? – Meltdown and Spectre
With the new year came reports of 2 major hardware vulnerabilities affecting a large number of modern computer processors. Including some variants of Intel, AMD and ARM processors used in personal computers, mobile devices, tablets and servers. These vulnerabilities, named Meltdown and Spectre, can potentially be exploited by hackers to access unauthorized data. It is a weakness in the hardware barrier between applications and could allow processes within one piece of installed software to access stored data of other software in the system.
What are we doing?
MantisHub primarily uses Amazon Web Services infrastructure and all security patches and updates protecting against the vulnerability have been deployed. We are also working with our other vendors and providers to ensure steps are taken to mitigate any risk to systems. MantisHub is continuing to keep across any new developments and update requirements so you can be assured that we’re doing what’s needed to make your data safe.
What can you do?
As this vulnerability is wide-spread you need to take steps to ensure all your devices have the latest updates. PC, Macs, Smartphones & tablet operating systems should all be updated and continue to check for updates regularly as some patches are still in development. Additionally, make sure that all browsers receive the latest updates. Check out updates already available for Mozilla Firefox and MS Edge. Safari has an update “coming soon” and Chrome were due to provide version 64 on Jan 23rd but in the interim, you should follow these instructions to enable site isolation to protect against the threat and be sure to upgrade once version 64 comes out.