This article is a basic walkthrough to help you set up your first SAML Single sign-on configuration if you haven't yet configured one on Atlassian Cloud. I'll be using JumpCloud, which is free for up to 10 users, and an identity provider different from the ones you will find at the Atlassian documentation today.
Even though Atlassian has made the SAML SSO configuration process relatively straightforward, there are a few pre-requisites you need to address beforehand:
The following steps were based on the JumpCloud knowledge base documentation that can be found at Single Sign-On (SSO) with Atlassian Cloud. I will be including additional screenshots and details that may help you during your configuration.
Step 1 - Configuring the Atlassian Cloud app on JumpCloud
- Log in to JumpCloud as administrator.
- Go to SSO.
- Click ( + ), then search for Atlassian Cloud and click configure.
- In General Info, enter Display Label.
- In IdP Entity ID, replace YOURDOMAIN with your domain. In this case, it is the domain that you have verified. For example, if you have verified myverifieddomain.com, your IdP Entity ID would be https://myverifieddomain.com.
- For Default RelayState, inform your Atlassian site.
- For the IDP URL, I used my Atlassian site name. For example, if your site is https://mysite.atlassian.net, your IDP URL could be https://sso.jumpcloud.com/saml2/mysite.
- Select Activate and confirm your new SSO connector instance.
Step 2 - Adding a SAML configuring the Atlassian Cloud
- Copy IdP Entity ID (JumpCloud) to Identity provider Entity ID (Atlassian Cloud).
- Copy IDP URL (JumpCloud) to Identity provider SSO URL (Atlassian Cloud).
- Download the certificate (JumpCloud) and copy the contents of the certificate to the Public x509 certificate (Atlassian Cloud).
- Save configuration.
Step 3 - Finish configuring JumpCloud SSO
- Copy SP Entity ID (Atlassian Cloud) to SP Entity ID (JumpCloud).
- Copy SP Assertion Consumer Service URL (Atlassian Cloud) to ACS URL (JumpCloud).
- Authorize user access. There are other options to make this change on JumpCloud. In this example, you can assign a user to a group. In the User Groups tab, select the groups you are authorizing users to access the Atlassian Cloud application.
Step 4 - Test your SSO configuration
You can initiate the SSO authentication from your Idp by accessing the JumpCloud User Console or navigating your Atlassian Cloud site URL.
Initiate from JumpCloud
- Access the JumpCloud User Console at https://console.jumpcloud.com.
- Select the Atlassian Cloud app.
- It will automatically launch and login to Atlassian Cloud.
Initiate from your Atlassian Cloud
- Navigate to your Atlassian Cloud site.
- Enter your email address.
- You will be redirected to log in to the JumpCloud User Portal.
- The browser will be redirected back to the application and be automatically logged in.
Server to Cloud Migrations
If you happen to have started your journey to the cloud, check these couple of links that might help you with the Atlassian Acess assessment process.
Additional References
Before you go, take a look at some additional resources to explore and learn more about what you can do with Atlassian Access and other features available under the organization's security.
I'm sure there is much more to share about that here. So, feel free to chime in with your thoughts and additional information!
2 comments