I am testing a new Jira instance (Software licensed, upgraded to Datacenter). When you upgrade to Datacenter, there is built-in support for SAML. From what I understand, this functionality was available via a plugin but it has been recently integrated.
I am trying to configure SAML to work with our ADFS server, but I keep hitting the same wall:
From what I can tell: Jira is successfully redirecting the user login to the ADFS server, the user can successfully authenticate and the response is passed back to Jira, but Jira Datacenter's built-in SAML consumer does not like the response it is getting from ADFS. My instinct was to check logs on both the ADFS server and Jira. The ADFS logs show no errors; it looks like everything is working correctly. I don't think Jira is doing any logging for SAML, nor could I figure out how to enable SAML logging.
There isn't much documentation for this feature, or for Jira Datacenter in general. The most relevant information I could find is here:
https://confluence.atlassian.com/enterprise/saml-single-sign-on-for-atlassian-data-center-applications-857050705.html
I was also able to find some information for Confluence that seems to describe my problem and how to enable logging to help troubleshoot... for Confluence:
https://confluence.atlassian.com/confkb/received-invalid-saml-response-signature-validation-failed-saml-response-rejected-938041884.html
The information in that link is for Confluence Datacenter and I am using Jira-Software Datacenter.
If anyone has any tips or tricks, I could sure use the advice!
I spawned a support request for this issue and Jira support had a very helpful response. Unfortunately, I wasn't able to follow through with my troubleshooting; we decided not to implement our solution with ADFS and SAML.
Here is the suggestion Jira support provided:
Indeed, the log files aren't providing clear information regarding the error you're experiencing. Because of this, and to see if we can get additional information in the logs, would you mind navigating to Jira Administration > System > Logging and Profiling and enabling the "debug" logging level for the class "com.atlassian.plugins.authentication"? To do so, you can click on "Configure logging level for another package".
After completing the step above, be sure to replicate the problem once again and attach a fresh Support Zip here so we can double-check whether we can get any useful information in the logs.
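While waiting on debug logs, the response that ADFS posts back can also be inspected directly. The following is an added example, not part of the original posts or of Atlassian's guidance: it decodes a captured `SAMLResponse` form value and flags structural mismatches (destination, audience, validity window, missing signature) that can make a service provider reject a response. The URLs and entity ID are placeholders, the sample response is constructed, and the script does not verify the signature cryptographically.

```python
import base64
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def _ts(value):
    # SAML timestamps are UTC with a trailing "Z"
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def triage_saml_response(b64_response, expected_acs, expected_audience, now=None):
    """Return a list of structural problems. Does NOT verify the XML signature."""
    now = now or datetime.now(timezone.utc)
    # Only feed this responses captured from your own test login.
    root = ET.fromstring(base64.b64decode(b64_response))
    findings = []
    code = root.find("samlp:Status/samlp:StatusCode", NS)
    if code is None or not code.get("Value", "").endswith(":Success"):
        findings.append("status is not Success")
    if root.get("Destination") != expected_acs:
        findings.append("Destination does not match the ACS URL")
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        return findings + ["no plaintext Assertion (encrypted or missing)"]
    if root.find("ds:Signature", NS) is None and assertion.find("ds:Signature", NS) is None:
        findings.append("neither Response nor Assertion is signed")
    cond = assertion.find("saml:Conditions", NS)
    if cond is not None:
        aud = cond.findtext("saml:AudienceRestriction/saml:Audience", namespaces=NS)
        if aud != expected_audience:
            findings.append("Audience does not match the SP entity ID")
        if "NotBefore" in cond.attrib and now < _ts(cond.get("NotBefore")):
            findings.append("assertion not yet valid (clock skew?)")
        if "NotOnOrAfter" in cond.attrib and now >= _ts(cond.get("NotOnOrAfter")):
            findings.append("assertion expired (clock skew?)")
    return findings

# Constructed sample: unsigned, posted to http:// instead of https://, one-hour validity.
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Destination="http://jira.example.test/acs">
 <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
 <saml:Assertion><saml:Conditions NotBefore="2024-01-01T10:00:00.000Z" NotOnOrAfter="2024-01-01T11:00:00.000Z">
 <saml:AudienceRestriction><saml:Audience>https://jira.example.test</saml:Audience></saml:AudienceRestriction>
 </saml:Conditions></saml:Assertion></samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode())
```

An empty result only means the envelope looks consistent; a signature or certificate mismatch would still need the debug logging described above to confirm.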