Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Sign up for free Log in
Atlassian Community Hero Image Collage

SSO with Keycloak

esk
esk Feb 17, 2020

Anyone with experience getting SSO on Atlassian Datacenter products to work with Keycloak

I've added a new client with Keycloak, however the AuthnRequest keeps failing.

<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="ONELOGIN_fa70f13e-5058-411b-9b57-787ac254cbfb" Version="2.0" IssueInstant="2020-02-17T17:51:16Z" Destination="https://URL/realms/corp/protocol/saml" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="https://URL/bitbucket/plugins/servlet/samlconsumer">
<saml:Issuer>https://URL/bitbucket</saml:Issuer>
</samlp:AuthnRequest>

The error l see in the Keycloak logs is 

error=invalid_authn_request, reason=invalid_destination

 

Answer
Watch
Like Be the first to like this
1228 views

2 answers

0 votes
Tadas Apulskis
Tadas Apulskis Mar 22, 2021

Please share your keycloak client config and the SSO config. 

Reply
0 votes
Richard Lapwood -TechTime-
Richard Lapwood -TechTime- Feb 17, 2020

I would suggest try changing your destination URL to match your POST binding URL (i.e. the Atlassian product URL, not the Keycloak Realms URL)

View More Comments
esk
esk Feb 20, 2020 • edited

Hi Richard,

Thank you for your quick response and my apologies for not replying sooner. I've tried setting both the Assertion Consumer Service POST Binding URL and Assertion Consumer Service Redirect Binding URL in keycloak. It still wouldn't work.  

Like
Reply

Suggest an answer

Log in or Sign up to answer
Data Center
Data Center
TAGS
Community showcase
Pramodh M
Pramodh M
Published in Data Center

Architect your Atlassian Data Center Application (Jira, Confluence, Bitbucket) in Azure

Hello folks! To the member of organizations who are still running their Atlassian applications on the server, we are on the side of the bridge, and if we need to sail the boat with confidence either...

588 views 0 11
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you