Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to integrate my company's SSO in Jira

shadow.fang
shadow.fang June 1, 2020

In my company, we have an SSO system for web applications.

Now, I want to integrate Jira&Confluence with the system, and I have some questions:

1. How to configure or do some development to make Jira redirect the login request to the SSO system?

2. After the user logs in, the SSO system will redirect the user information to Jira&Confluence. How to make Jira&Confluence use this information to log in the user?

Jira Software version is 8.4.1

Jira Confluence version is 7.0.3

I looked for some posts with older dates, I wonder if they can be used as a reference

Please help resolve this issue.

Thanks and regards,

Answer
Watch
Like Be the first to like this
1307 views

3 answers

0 votes
Lokesh Naktode_miniOrange
Lokesh Naktode_miniOrange
Atlassian Partner
June 1, 2020

Hi @shadow.fang 

In case if you have a Datacenter version of JIRA and Confluence, you can use the existing SAML feature to enable SSO from your IDP(SSO System).

https://confluence.atlassian.com/enterprise/saml-single-sign-on-for-atlassian-data-center-applications-857050705.html

But if you have a server version of the JIRA/Confluence, you will need to configure the third-party SSO add-on in JIRA/Confluence to enable SSO from your IDP.

Also, it depends on which SSO Protocols(SAML/OAuth/OIDC) your IDP supports.

https://marketplace.atlassian.com/search?query=JIRA%20SSO

 

Thanks,

Lokesh

I work for miniOrange Inc one of the top SSO vendors of the Atlassian marketplace.

Reply
0 votes
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 1, 2020

Depending on how proprietary your company SSO really is you may want to look at our EasySSO for Jira and EasySSO for Confluence – from the way you are describing the desired flow one of SAML, X.509 or HTTP Headers authenticators out of the 5 we provide may fit the bill.

Since your company uses this very SSO for other web applications – you must have ready solutions for things such as integrating reverse proxies with that? If so, HTTP Headers authenticator is the way to go.

If your company's SSO is completely proprietary and none of the above applies you may indeed need to implement a Seraph authenticator: https://docs.atlassian.com/atlassian-seraph/2.6.1-m1/sso.html

View More Comments
shadow.fang
shadow.fang June 1, 2020

Hi Zealand

Thank you for your reply


Before using Seraph, should I download the jira source configuration environment?
Or directly use jira api without downloading the source code

Like
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 2, 2020

This is a bit beyond Community support scope... from experience, yes you will need Jira source to actually understand what the authenticator needs to do, but you don't need it to actually develop.

Having implemented seraph authenticators in the past – I would avoid doing it again at all costs... but then I have a commercial SSO product on the market, what else would you expect from me :)

Like Jon Espen Ingvaldsen Kantega SSO likes this
Reply
0 votes
Steven F Behnke
Steven F Behnke
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 1, 2020

Howdy. I'm just a community contributor. In terms of the self-hosted software options there are a few things you'll need to let us know before anyone here can provide very accurate information.

  1. If you have Data Center, there will be a SAML SSO configuration link under the administration panel.
  2. If you do not have Data Center, the only SSO authentication provided out of the box is via the Atlassian Crowd application.
  3. If you do not have Atlassian Crowd, there is no SSO solution provided out of the box but you are free to provide a custom Authenticator via the Seraph Framework. 

Can you please describe which environment you have?

View More Comments
shadow.fang
shadow.fang June 1, 2020

Hi Steven

My Jira and Confluence are hosted on my own server.
My company's SSO does not use Atlassian Crowd application.
Should I learn how to use "Seraph Framework" now?

Thank you for your reply

Like Steven F Behnke likes this
Steven F Behnke
Steven F Behnke
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
June 2, 2020

Yes. Your options here are:

* Buy and implement Atlassian Crowd for their SSO solution

* Buy and implement Data Center, which includes SSO

* Implement a custom authenticator

 

I have followed this approach in the past:

https://wiki.geant.org/display/~federated-user-3/Federating+OTRS+with+mod_auth_mellon

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events