Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,467,410
Community Members
 
Community Events
177
Community Groups

Jira SAML Sign-On Failed

JIRA SAML is failing with no changes by any admins to Azure AD. No one can get in to administer since SAML is failing; error is just "please contact your administrator".

How can admins get past this to troubleshoot?

All necessary fields in the single sign-on have been filled and not changed.

image.png

2 answers

1 accepted

1 vote
Answer accepted

Hi @Adam Muzyka ,

 

It seems that the signing certificate (X.509 certificate) has been changed on the Azure AD and because of that SSO is not working as JIRA is unable to validate the signature in the SAML Response.

It looks like you are using the third-party SAML app from miniOrange. If yes, you can use the emergency URL to access the default JIRA login page and update the certificate from the plugin configuration.

 

Also, it would be better if you can raise a support ticket to the vendor for faster resolution.

Again, if you are using the miniOrange, you can raise a ticket from the link given below. They will help you out to get Admin access and also help you configure the plugin to handle the certificate rollover event of the Azure AD so that you won't face this issue in the future.

miniOrange Support

https://miniorange.atlassian.net/servicedesk/customer/portal/2

 

Thanks,

Lokesh

Many thanks for the support, greatly appreciated.

 

Currently taking action suggested; this gave good direction on where to start down the rabbit hole.

 

:)

Hi Adam,

it looks like you are using our plugin (and not the one from miniOrange, unless their error screen looks like ours).

If it's our plugin, then here you find information on how to access the instance by either using the special ?nosso URL

https://wiki.resolution.de/doc/saml-sso/latest/all/knowledgebase-articles/technical/cannot-access-jira-confluence-bitbucket-bamboo-fisheye-crucible-anymore-bypass-sso

Or if you did disable that in the Config, then here are some instructions on how to start wiht our plugin disabled:

https://wiki.resolution.de/doc/saml-sso/latest/all/knowledgebase-articles/technical/application-startup-issue-disable-sso-plugin

You can reach our support via https://resolution.de/go/support - that's quicker than the public forum, as in the Forum it takes a couple of hours until we get pinged for search results.

Cheers,
Christian

P.S. Full disclosure, I work for resolution, a marketplace vendor.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events