We're currently looking into upgrading to Confluence Data Center to get SAML auth so we can use our SSO provider for 2FA. One area of concern is how the REST API may be impacted since we have automated processes using service accounts to access the app. Can anyone confirm if the REST API still functions behind SAML auth?
The docs make no mention of an OAuth endpoint like JIRA offers. Also came across CONFSERVER-54412, which states it's a known issue, but no ETA on when or if it'll be implemented.
Hey Doug,
The REST API will still function just fine behind SAML without having to add OAuth or other measures to your calls. Basic auth on the API URLs will bypass SAML.
We do have this documented on the configuration page (see screenshot) but you're right that this isn't obvious from the documentation online, and that is different from Jira! Here's the SAML configuration page within Confluence Data Center:
Thank you for pointing this out so we can clear up the confusion. And you should be good to go with your existing API calls once you make the jump to Data Center.
Cheers,
Daniel | Atlassian Support
Hi Doug,
this may be too old now for you to benefit; however, it may still be worth it for someone who stumbles across this topic.
The REST API continues to work like normal behind SAML. However, in many installations the problem is that the Users (especially if they are provisioned by a SAML Plugin) don't have any passwords anymore in the actual Atlassian Application.
Or sometimes, even if they still have one, you may not want your Jira/Confluence accessible via a simple password if you go to the lengths of 2FA on your IdP. A common solution to that, which many cloud services/applications implement, is API keys/tokens/app-specific passwords.
We have released a 3rd party App that implements the API Token Concept in Confluence & Jira.
It's available for both Server & Data-Center. It also has some additional security features (blocking normal basic auth, IP address restrictions, etc) that some people may find interesting.
Cheers,
Chris
P.S. Full disclosure, I work for resolution, a marketplace vendor.
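A check an administrator could run against their own instance to see whether a service account's password alone still reaches the REST API, or whether the call is rejected or sent to the IdP, as discussed in the replies above. This is an added example, not code from the thread or from Atlassian: the local stub server, the account `svc-build`, its password, the IdP URL and the stub's redirect behaviour are constructed assumptions, and `/rest/api/content` serves only as a sample REST path.

```python
import base64
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

class NoRedirect(urllib.request.HTTPRedirectHandler):
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None  # surface the 3xx instead of following it to the IdP

def probe_basic_auth(url, user, password):
    """Classify how one REST URL answers a password-only (basic auth) call."""
    token = base64.b64encode(f"{user}:{password}".encode()).decode()
    req = urllib.request.Request(url, headers={"Authorization": f"Basic {token}"})
    # Empty ProxyHandler: ignore proxy environment variables for this probe.
    opener = urllib.request.build_opener(NoRedirect, urllib.request.ProxyHandler({}))
    try:
        with opener.open(req, timeout=5) as resp:
            return "accepted" if resp.status == 200 else f"http-{resp.status}"
    except urllib.error.HTTPError as err:
        if err.code in (301, 302, 303, 307):
            return "sso-redirect"
        return "rejected" if err.code in (401, 403) else f"http-{err.code}"

class StubWiki(BaseHTTPRequestHandler):
    """Constructed local stand-in for a wiki behind SSO; behaviour is assumed."""
    accounts = {"svc-build": "demo-pw"}  # constructed service account
    block_basic = False  # True models an instance with basic auth blocked

    def do_GET(self):
        auth = self.headers.get("Authorization", "")
        if auth.startswith("Basic ") and not StubWiki.block_basic:
            user, _, pw = base64.b64decode(auth[6:]).decode().partition(":")
            self.send_response(200 if self.accounts.get(user) == pw else 401)
        else:
            self.send_response(302)
            self.send_header("Location", "https://idp.example/sso")
        self.end_headers()

def demo():
    StubWiki.block_basic = False
    with HTTPServer(("127.0.0.1", 0), StubWiki) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        url = f"http://127.0.0.1:{server.server_port}/rest/api/content"
        seen = [probe_basic_auth(url, "svc-build", pw) for pw in ("demo-pw", "wrong")]
        StubWiki.block_basic = True
        seen.append(probe_basic_auth(url, "svc-build", "demo-pw"))
        server.shutdown()
    return seen
```

An `accepted` result for a service account means that account's password alone, without the IdP's 2FA, is enough to use the REST API.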