Azure Active Directory is a popular SAML 2.0 service. The following is an example of how we have tested and configured Azure with Jira Align. Please review the following example and adjust as needed for your organization's security policies and practices.
1. Sign into Azure and click on Azure Active Directory.
2. Select Enterprise Applications from Manage in the left column.
3. Click on New application.
4. Select Non-gallery application.
5. Name the application something relevant to your organization and/or the application itself and click Add. In this case, we've named it JiraAlign.
Note: Any spaces in the name will cause issues with the Login URL later so it's best to just avoid them.
6. Under the Getting Started section, click on 1. Assign users and groups.
7. Click Add user and add Users and/or Groups as needed. You need at least one User to test SSO and you can go back and add more later if you want.
8. On the Add Assignment screen, you can select the users you want, click Select and Assign.
9. The user(s)/group(s) should show up on the Users and groups pane now.
10. Click on Single sign-on and SAML.
11. In Section 1: Basic SAML Configuration, edit the Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL) to both be the Jira Align instance:
Alternatively, you can upload the metadata file by copying the Show Jira Align Saml 2.0 Service Provider metadata from Jira Align (Administrator > Platform > Security) and save as an XML file.
12. In Section 3: SAML Signing Certificate, edit and change the Signing Option to Sign SAML response and assertion. Click Save.
13. Also, in Section 3: SAML Signing Certificate, click Download next to Federation Metadata XML to use in a later step.
14. In Section 4: Set up <name>, copy the Logout URL and save it for use in a later step. Logout URL will look something like this: https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0
15. In the left hand menu under Manage, click Properties and copy the User Access URL for use in a later step. User Access URL will start with https://myapps.microsoft.com/signin.
16. Sign into Jira Align and click Administration > Platform > Security.
17. Click Add SAML Provider.
18. Paste in the SAML 2.0 Metadata from Azure (Step 13 from earlier).
19. Click Save & Close.
20. Set Enable SSO to Yes.
21. Click Save Settings.
22. Open up an incognito window in your browser and navigate to the User Access URL from Azure (Step 15 from earlier).
You'll need to open a ticket with Jira Align to regain access if you get locked out while Disable Manual Sign In is turned on.
If for some reason your Sign In or Sign Out URL contain encoded characters (Example: %20 for space), you'll need to replace that with the non-encoded equivalent.
James McCulleyAtlassian Team
(Or, What to expect when you’re expanding.) Once you've completed your Jumpstart, or your initial assessment of Jira Align, you'll start to think about how you can roll it out to the rest of your e...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events