Skip to main content
C1 provides identity governance for Atlassian Bamboo (Data Center / self-hosted). Integrate your Bamboo instance with C1 for unified visibility and governance over administrative and privileged access.

Capabilities

ResourceSyncProvision
Users
Groups
Global
Projects
Plans
Deployment projects
Environments

Gather Bamboo credentials

The Bamboo connector is read-only. The account must hold the global Administration permission so it can read permissions across every scope.
1
Sign in to your Bamboo Data Center instance as a Bamboo administrator.
2
Create a Personal Access Token under your profile menu > Personal access tokens > Create token. Copy the token value.
3
Note your Bamboo base URL, for example https://bamboo.example.com. The REST API is served from <base-url>/rest/api/latest.
4
If your instance cannot issue Personal Access Tokens, you may instead supply an administrator username and password for HTTP Basic authentication.

Configuration fields

FieldRequiredDescription
bamboo-base-urlYesBase URL of the Bamboo instance, without a trailing slash (e.g. https://bamboo.example.com).
bamboo-tokenNoPersonal Access Token, sent as Authorization: Bearer <token>. Preferred.
bamboo-usernameNoUsername for HTTP Basic auth. Used only when no Personal Access Token is supplied.
bamboo-passwordNoPassword for HTTP Basic auth. Used only when no Personal Access Token is supplied.
Supply either a Personal Access Token, or a username and password — not both. When a username is set the connector uses HTTP Basic auth; otherwise it uses the Personal Access Token.

Synced resource types

  • Users and Groups: the principals that hold permissions, surfaced from the global permissions endpoints. Bamboo has no full user-directory REST endpoint, so principals are discovered through the permissions API.
  • Global, Projects, Plans, Deployment projects, and Environments: each scope is a permission-bearing resource. Every scope exposes its permission set as entitlements, and a grant is emitted for each user or group that holds a permission on that resource:
    • Global: ADMINISTRATION, RESTRICTED_ADMINISTRATION, CREATE_PLAN, CREATE_REPOSITORY
    • Project: CREATE, BUILD, CLONE, EDIT, ADMINISTRATION, VIEW
    • Plan: VIEW, EDIT, BUILD, CLONE, ADMINISTRATION
    • Deployment: VIEW, EDIT, DEPLOY, ADMINISTRATION
    • Environment: VIEW, EDIT, DEPLOY, ADMINISTRATION

Special notes

  • Group membership rosters are not synced. Bamboo Data Center delegates group membership (which users belong to each group) to its external Crowd/LDAP directory; the Bamboo REST API does not expose it. Groups are therefore modeled as permission principals — each group appears as a resource and receives the permission grants assigned to it, but its individual members are not enumerated.
  • Users and groups are discovered through the permissions API rather than a directory listing, because Bamboo exposes no full user-directory endpoint.
  • The connector is read-only; it does not provision access.