It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

SSO is set up correctly but does not function like traditional sso enterprise, what is wrong? Edited

I have set up Jira, Confluence, Bitbucket all to use SSO.

I restart my machine and log in, once in, I go to my applications but I am still forced to log in (using the same credentials I used to get into my machine). Why does SSO only function correctly after the initial log in to my web applications?

Once I've logged in initially, I am able to switch using application links between the different application no problem without having to sign in. That is not how SSO is suppose to work. Is there something I am missing for this function to work correctly? 

We use Jira server 7.12.3, Confluence server 6.11.0, Bitbucket server 5.13.0, Crowd 3.2.2.

 

To be clear: I would like to be able to log into my enterprise machine once and start my https://example.jira.com application without having to sign in again. 

 

3 answers

1 vote
Bruno Vincent Community Leader Nov 30, 2018

Hello @Albaro Tinoco

What you are experiencing now is the standard behaviour. Crowd actually provides Web SSO between Atlassian applications, which means that you must first log into one these applications before you can navigate to other applications without entering a username and password again.

What you are aiming at is Windows SSO, which means that you don't have to enter any username and password if you're connecting to your Atlassian applications from an enterprise desktop that belongs to your Active Directory enterprise domain. This requires a third-party add-on, for instance Integrated Windows Authentication for Applications using Crowd (IWAAC).

Disclaimer: I work for the vendor of the IWAAC add-on. There are other Windows SSO add-ons available on Atlassian Marketplace.

Hope this helps!

Bruno

If you have Active Directory and your users work on trusted networks, you can also setup Integrated Windows Authentication (IWA / Kerberos) directly, without buying Crowd. Our company, Kantega SSO, has plugins for Jira, Confluence, Bitbucket, Bamboo and Fisheye / Crucible enabling this form of SSO. 

You can also combine IWA / Kerberos with other SSO protocols, such as SAML and OIDC. Such a combination will give users on trusted networks get the optimal SSO experience (totally login free), while authentication is established though an SAML or OIDC identity provider when working remotely.

Please reach out if you need assistance configuring your environment.

Cheers,

Jon Espen

0 votes

@Albaro Tinoco I wanted to let you know that we are currently working on improved SSO in Crowd and we would be happy to get on the call with you to discuss your use case. Please feel free to reach out to me directly at mradochonski@atlassian.com 

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Jira

The Jira Server Mobile App is here!

Hey Community! My name is James and I am a product manager on the Server Mobile team. I am excited to announce the new Jira Server Mobile apps for both iPhone and Android are now available. This is...

42 views 1 3
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you