A customer wants to test Confluence server in Azure... I have found the Microsoft tutorial to enable Azure AD SSO but don't understand how to map Azure AD groups to confluence groups. Can I add a Directory from the users administration page or Should I use Crowd ?
Can someone help me or redirect me to the relevant documentation ?
confluence server doesn't really support SSO with Azure unless you are using data center version. Also, crowd doesn't help with SSO redirect. You need SAML plugin for Confluence which should solve your use case.
which works great!
Hi @Frédéric Grégoire ,
There multiple SSO plugins available for Confluence on the Atlassian Marketplace which allows you to enable SSO into Confluence from Azure AD.
Here is one of the plugins that work on SAML2.0 Protocol.
This plugin also has a feature you are looking for i.e. Group Mapping which allows you to map the Azure AD's group to Confluence local groups, and groups of the users in Confluence will be updated on each SSO(login) based on the group information received in the SAML Response from Azure AD.
Feel free to reach out to support team through the customer portal in case if you need any assistance to set up the plugin for your use case.
I work for the miniOrange. One of the top SSO vendor in the Atlassian Marketplace,
You can setup AzureAD to send group memberships as parts of the SAML response messages. It is a bit work to get AzureAD to send readable group names but we have created a document describing how to achieve this: https://docs.kantega.no/display/KantegaSSOEnterprise/Managed+and+Default+groups
With managed SAML groups, users are assigned and removed to groups based on the group settings at the identity provider (in your case AzureAD).
Another alternative to get permission updates each time the user logs in is to setup synchronized user directories. With this approach you set up a background job which continuously keeps Confluence up to date on users and group permissions from AzureAD. You can read more about this alternative here: https://kantega-sso.com/provisioning/
Full disclosure: I work for Kantega SSO, and our apps support both managed groups and synchronized AzureAD directories. Our support team is available if you want a demo or have any questions.
- Create your own custom emoji 🔥 - "Shake for Feedback" on mobile 📱 - An endless supply of GIFs via GIPHY 🤩 Is there anything quite as nice as a pleasant surprise? Comment below with what...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events