You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
I'm trying to implement the SSO approch in the company, we have Jira installed behind an Ibm http server, I'have implemented the SSO (the authentication) in the web server and everything is going well, the problem is that after the redirection of the SSO to my Jira, I have to make another authentication (that doesn't have sense because the user is already authenticated).
Have you any idea to skeep the authentication in the level of Jira please?
Here is my understanding of your problem:
It seems you have enables SSO on the IBM HTTP server which allows user to access Jira only after user's authentication from IDP, but the problem here is that JIRA is asking for credentials even if the user is authenticated from IDP.
If this is the scenario then the problem here is that JIRA is not able to identify the SSO user. While passing the request to JIRA you need to pass information of the authenticating user either in JWT or HTTP Header so that JIRA can recognize the SSO user and create a session.
Also please note that JIRA does not support JWT or header based Authentication. You will need to develop a custom solution or use a plugin to accomplish this case. You can check out this plugin miniOrange JIRA SAML SSO Add-On. This plugin will allow you to enable header-based authentication and also has many more advanced security features.
Alternative you can configure the SSO on JIRA end as well so that JIRA can check the user's session on IDP and based on that, allow user to access JIRA.
P.S - I work for miniOrange, one of the top vendors on the Atlassian Marketplace. Reach out to us via email@example.com