You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
I am working to integrate SSO for our JIRA Cloud with ADFS. I understand this won't be supported by Atlassian but I can't even get the setup as I do not know where to get our unique Entity ID to complete the URLs for JIRA as the SP? I mean these:
SAML Assertion (SP Identifier):
https://auth.atlassian.com/saml/<unique Entity ID>
Login/logout redirect URL:
https://auth.atlassian.com/login/callback?connection=saml-<unique Entity ID>
Where the <unique Entity ID> should be dynamically created for our subscription. I raised a support case but so far the response I received is to contact our IdP to get these... given that we own and manage our IdP (ADFS), I already know the required endpoints. :)
The Azure SSO integration (at: here) suggests that the <unique Entity ID> might be generated at the moment when the SSO configuration is initiated in Atlassian Access but I would like to be certain, as the entire process will cause downtime for our production teams.
Anyone knows where/how I can get the <unique Entity ID> ? Thanks!
Despite not providing official support, we do have some extensive documentation you may have already seen at SAML single sign-on - Unsupported identity providers.
Going off the Microsoft document you linked, the missing piece is probably what's quoted in our documentation here:
After adding your identity provider details to the 'SAML single sign-on' page for your Atlassian organization, you'll see new fields and values appear. Copy those values over to your identity provider.
So this is what the admin page looks like before you add the ADFS details in admin.atlassian.com:
After clicking the blue "Add SAML configuration" button and filling out the details, viola, the necessary fields are available. The SP Entity ID field is the one you'll want. Sounds like ADFS or Azure AD are trying to helpfully pre-fill the non-unique part of the URL. You can just use the copy button and blow out the entire field on the ADFS/Azure side.
Hope that helps, and happy authenticating!