2FA Authentication can break app features on DC/not working connection screen
When using plugins like Secure Login for Jira 2FA, Kantega SAML SSO OIDC Single SignOn User Management for Jira | Atlassian Marketplace or mini orange 2FA it can result in errors like “oauth nonce used” or “OAuth Token rejected”. Depending on the relevant app the solution can differ.
Using 2FA and whitelisting our IPs usually helps (example from Secure Login Config):

Since our DC is setup via ngrok this can’t be tested on our site.
However, in some scenarios further configurations need to be setup, such as for mini orange 2FA where allowing to bypass the 2FA when calling the secure/attachment path:

Using Kantega Kerberos SSO the whole connection might fail. Excluding Kerberos for sub-paths of rest can be done within the Kantega configuration:
