Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira SAML Sign-On Failed

Adam Muzyka
Adam Muzyka November 19, 2019

JIRA SAML is failing with no changes by any admins to Azure AD. No one can get in to administer since SAML is failing; error is just "please contact your administrator".

How can admins get past this to troubleshoot?

All necessary fields in the single sign-on have been filled and not changed.

image.png

Answer
Watch
Like Be the first to like this
2731 views

2 answers

1 accepted

1 vote
Answer accepted
Lokesh Naktode_miniOrange
Lokesh Naktode_miniOrange
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
November 19, 2019

Hi @Adam Muzyka ,

 

It seems that the signing certificate (X.509 certificate) has been changed on the Azure AD and because of that SSO is not working as JIRA is unable to validate the signature in the SAML Response.

It looks like you are using the third-party SAML app from miniOrange. If yes, you can use the emergency URL to access the default JIRA login page and update the certificate from the plugin configuration.

 

Also, it would be better if you can raise a support ticket to the vendor for faster resolution.

Again, if you are using the miniOrange, you can raise a ticket from the link given below. They will help you out to get Admin access and also help you configure the plugin to handle the certificate rollover event of the Azure AD so that you won't face this issue in the future.

miniOrange Support

https://miniorange.atlassian.net/servicedesk/customer/portal/2

 

Thanks,

Lokesh

View More Comments
Adam Muzyka
Adam Muzyka November 19, 2019

Many thanks for the support, greatly appreciated.

 

Currently taking action suggested; this gave good direction on where to start down the rabbit hole.

 

:)

Like
Reply
0 votes
Christian Reichert (resolution)
Christian Reichert (resolution)
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 19, 2019

Hi Adam,

it looks like you are using our plugin (and not the one from miniOrange, unless their error screen looks like ours).

If it's our plugin, then here you find information on how to access the instance by either using the special ?nosso URL

https://wiki.resolution.de/doc/saml-sso/latest/all/knowledgebase-articles/technical/cannot-access-jira-confluence-bitbucket-bamboo-fisheye-crucible-anymore-bypass-sso

Or if you did disable that in the Config, then here are some instructions on how to start wiht our plugin disabled:

https://wiki.resolution.de/doc/saml-sso/latest/all/knowledgebase-articles/technical/application-startup-issue-disable-sso-plugin

You can reach our support via https://resolution.de/go/support - that's quicker than the public forum, as in the Forum it takes a couple of hours until we get pinged for search results.

Cheers,
Christian

P.S. Full disclosure, I work for resolution, a marketplace vendor.

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events