SAML SSO using Atlassian Access

Ahsan Muhammad November 16, 2018

Hi,

We are looking to subscribe to Atlassian access for our site which is "companyName.atlassian.net". The reason for subscription to Atlassian access is that we want to enable SSO for Confluence, JIRA and Bitbucket via our own custom IDP for user authentication and authorisation. Right now all the users login through Google sign on. Can we also keep the Google sign on while testing the option of SSO via our IDP, and, it will not affect the users from accessing the content on Atlassian? If there is not the possibility of enabling two different sign on, i.e. Google and our custom IDP then we are thinking of creating test site for testing SSO and then replicating everything on our live Atlassian site. 

 

Best Regards,

Ahsan

1 answer

1 accepted

2 votes
Answer accepted
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 16, 2018

Hi Ahsan,

You can use both methods at the same time by integrating Google via SAML, but it will not be possible, for example, to separate users that will log in via Google and users that will log in via IDP.
I believe that the best option is to create a trial instance to test, so your users will not be affected.

Regards,
Angélica

Ahsan Muhammad January 9, 2019

 

I have two questions:

Q1: I have successfully entered the SAML configuration for my IDP. On the home page of my atlassian site, I only see "login with google" option. How would I know that my configuration is successfully saved thus letting users to login to the atlassian site using SSO of my IDP and removing Google SSO.

Q2: I have verified the domain successfully using DNS verification type. The domain name is 'companyname-pp.de'. We have email addresses of our employees with the domain ending 'companyname-digital.de'. Can our employees access the atlassian site with their domains or that has to exactly match the verified domain which is 'companyname-pp.de'.

 

Best Regards,

Ahsan

Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 15, 2019

Hi Ahsan,

On the login page, they must add the email and then when they press enter it will show a message that it uses SSO and redirect them to the IDP page to login.

When you have a verified domain, only users from that verified domain will be able to log in using SSO, users with another domain will log in using email and password.

Regards,
Angélica

Ahsan Muhammad February 7, 2019

Hi Angelica,

I want to remove "login with Google" option from my test atlassian site, although i have not connected my test site to GSuite but I still see it. I think the reason for it is that on my live atlassian site there is an integration with Gsuite using the same email domain. Can you please guide me in that?

Regards,

Ahsan

Ahsan Muhammad February 7, 2019

Hi Angelica,

Another question I have, even though my Gsuite is not integrated as I mentioned but even with the SSO enabled whenever I enter my email address while logging in my test atlassian site, rather than taking me to the login page of my IDP it takes me to the google login. It is perhaps beacause it detects my email is associated with google account. I want my IDP page rather than the google auth page. How can I enforce that?

Regards,

Ahsan

Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 12, 2019

Hi Ahsan,

What may be causing this is that someone must have configured GSuite via SAML, so what you've described is the cause of this.
This configuration is set directly on GSuite.

Regards,
Angélica

digitaleservices_deginvest_de January 22, 2024

Hi @Angélica Luz ,

Hallo, I got this error (as in the screenshot below). After configuring the SSO Setup and the ADFS server. When I tried to test the SSO login, I got this error message. What does the error message mean?

 

Can I please get some help here? As a Jira Administrator, where exactly do I need to adjust or verify? I tried to check for some logs, but could not find any time. Where exactly could I check for possible error. 

 

 

 

image.png

 

 

This translates to:

"

                                              Something went wrong
You could not be logged in. There could be several reasons for this. Please try again.

 

                                                  Back to the login
If the problem persists, contact your JIRA administrator. Please enter this error ID:

                                      4740be0e-1317-XXXX-ac5b-65417fb

"

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events