Setting up SSO for service desk customers?

Avinash Singh August 30, 2019

we have performed your workaround by giving all service desk customer jira account with no application access.

Eg. When a user browsers to a service desk portal url such as https://jira.xxx.co.za/servicedesk/customer/portal/4/SDHCS-1612

without being logged in. They are redirected to the service desk login page.

We have jira SSO integration with OKTA, but in order for the user to be logged in they need to be redirect to https://jira.xxx.co.za. How can we redirect them back to their initial url after redirecting them to https://jira.xxx.co.za which logs them in automatically ?

2 answers

0 votes
Lokesh Naktode_miniOrange
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
September 6, 2019

Hi @Avinash Singh ,

 

You need to add the URLs of the customer portal in the <oktaProtectedURL> tab in the okta-config-jira.xml so that Okta will use SAML authentication for URLs matching in the tag and if you need any further assistance with this, I recommend you to contact OKTA Support directly.

 

Also, there are multiple third-party SAML SSO apps for JIRA and JIRA Service Desk are available in the Atlassian marketplace which can enable to SAML SSO for both JIRA and Custom Portal without changing any of the files in the JIRA Server and provide an option to manage all the configuration from JIRA Admin dashboard.

 

Here is one of the SAML Plugin and its step-by-step guide to configure the plugin with OKTA for SAML SSO.

Plugin

https://marketplace.atlassian.com/apps/1215430/jira-saml-single-sign-on-sso-jira-sso?hosting=datacenter&tab=overview

 

Step-by-step docs:

https://plugins.miniorange.com/saml-single-sign-sso-jira-using-okta

 

Feel free to reach out to miniOrange Support in case if you need any assistance with the configuration.

 

Thanks,

Lokesh

I work for the miniOrange, one of the top SSO vendor in the Atlassian Marketplace.

Avinash Singh September 6, 2019

Thanks Lokesh - I will check out these options.

I have been in contact with Okta and Atlassian regarding this issue and their responses is that Jira Service Desk does not support SSO.

Adding the services desk url to the <oktaProtectedURL>  does not do anything to redirect users to login.

Regards,

Avinash

Like Yevgen Lasman likes this
Lokesh Naktode_miniOrange
Marketplace Partner
Marketplace Partners provide apps and integrations available on the Atlassian Marketplace that extend the power of Atlassian products.
September 6, 2019

Hi @Avinash Singh ,

 

Make sure, you have JIRA Service Desk supported version of the OKTA JIRA Authenticator jar file. 

Please check the link below for compatibility of the OKTA JIRA Authenticator with your service desk.

https://help.okta.com/en/prev/Content/Topics/Settings/Version_Histories/Ver_History_JIRA_Authenticator_Toolkit.htm

Adding the services desk URL to the <oktaProtectedURL>  does not do anything to redirect users to login.

==> Make sure custom portal URL is not configured in the <spUrls> tag of the okta-config-jira.xml file.

 

Thanks,

Lokesh

Shyam May 21, 2020

Hi @Lokesh Naktode_miniOrange  @Avinash Singh ,

 

I'm noticing the same issue in my instance now. 

What was the fix?

0 votes
Jon Espen Ingvaldsen Kantega SSO
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
September 6, 2019

Hi @Avinash Singh

Which SSO solution (addon?) are you using?
SAML SSO addons to JSD can utilize users sessions or the relay state attribute in the SAML messages to store the target URL and do a a final redirection to it.

Regards,
Jon Espen
Kantega SSO

Avinash Singh September 6, 2019

Hi,

We are not using any market place addon. We are using the SSO integration provided by Okta. See attached image for the setup.

setup_help_SAML_2_0_instructions.png

 

Regards,

Avinash

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events