Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,456,628
Community Members
 
Community Events
176
Community Groups

SSO is set up correctly but does not function like traditional sso enterprise, what is wrong?

Edited

I have set up Jira, Confluence, Bitbucket all to use SSO.

I restart my machine and log in, once in, I go to my applications but I am still forced to log in (using the same credentials I used to get into my machine). Why does SSO only function correctly after the initial log in to my web applications?

Once I've logged in initially, I am able to switch using application links between the different application no problem without having to sign in. That is not how SSO is suppose to work. Is there something I am missing for this function to work correctly? 

We use Jira server 7.12.3, Confluence server 6.11.0, Bitbucket server 5.13.0, Crowd 3.2.2.

 

To be clear: I would like to be able to log into my enterprise machine once and start my https://example.jira.com application without having to sign in again. 

 

3 answers

1 vote

Hello @James M

What you are experiencing now is the standard behaviour. Crowd actually provides Web SSO between Atlassian applications, which means that you must first log into one these applications before you can navigate to other applications without entering a username and password again.

What you are aiming at is Windows SSO, which means that you don't have to enter any username and password if you're connecting to your Atlassian applications from an enterprise desktop that belongs to your Active Directory enterprise domain. This requires a third-party add-on, for instance Integrated Windows Authentication for Applications using Crowd (IWAAC).

Disclaimer: I work for the vendor of the IWAAC add-on. There are other Windows SSO add-ons available on Atlassian Marketplace.

Hope this helps!

Bruno

0 votes

@James M I wanted to let you know that we are currently working on improved SSO in Crowd and we would be happy to get on the call with you to discuss your use case. Please feel free to reach out to me directly at mradochonski@atlassian.com 

If you have Active Directory and your users work on trusted networks, you can also setup Integrated Windows Authentication (IWA / Kerberos) directly, without buying Crowd. Our company, Kantega SSO, has plugins for Jira, Confluence, Bitbucket, Bamboo and Fisheye / Crucible enabling this form of SSO. 

You can also combine IWA / Kerberos with other SSO protocols, such as SAML and OIDC. Such a combination will give users on trusted networks get the optimal SSO experience (totally login free), while authentication is established though an SAML or OIDC identity provider when working remotely.

Please reach out if you need assistance configuring your environment.

Cheers,

Jon Espen

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events