Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Authenticate users using my own OpenID Connect (OAuth) server?

Gert-Jan van der Kamp
Gert-Jan van der Kamp March 26, 2022

Hi all, 

Our project has it;s own token server built on IdentityServer, so it's fully OAuth/ OpenID Connect compliant. Is there any way to authenticate users using that?

I've seen something about using a online directory like Okta, but we have our own (fully standards compliant). It would be very userfriendly if Jira would trust that external identity provider to authenticate customers. 

I haven't found anything to that effect but maybe I missed it.. Does anyone have any ideas towards that? Technically it shou;dn't have to be that hard.. 

Answer
Watch
Like Be the first to like this
547 views

1 answer

1 accepted

1 vote
Answer accepted
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
March 26, 2022

Hello, @Gert-Jan van der Kamp 

I am pretty sure the SP doesn't actually care what the IdP is, as long as it follows the standards in its responses.

If yours is fully compliant then it should just work. Have you actually tried and found problems?

I suppose you will have to figure out the IdP side of the setup by yourself though, and since it's proprietary – you are unlikely to get help from anywhere...

View More Comments
Gert-Jan van der Kamp
Gert-Jan van der Kamp March 28, 2022

Hi sorry for late reply I got distracted. What is SP exactly and where could I find that setting? Thanks in advance, GJ

Like
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
March 28, 2022

SP = "Service Provider" in this case Atlassian Access.

IdP = "Identity Provider" in this case your own token server.

If IdP follows the standard, there is not way for a SP to tell what exactly it is talking to. So if you figure out how to configure your IdP to talk to Atlassian Access it will work.

The main issue here is that Access does not support OIDC, only SAML.

If you trust 3rd parties to handle your authentication you can work it via a bridge, see here: https://community.atlassian.com/t5/Atlassian-Access-articles/Log-into-Atlassian-Cloud-using-External-OAuth-OIDC-Provider/ba-p/1731169

Like Steffen Opel _Utoolity_ likes this
Gert-Jan van der Kamp
Gert-Jan van der Kamp March 28, 2022

That's a great article thx. It does seem however this is not supported out of the box so that's less good news. I may have to park this for now. Guess having people enter their email for their first issue good enough for now. Thanks! 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Identity Manager
Atlassian Access
TAGS
AUG Leaders

Atlassian Community Events

    See all events