Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Single Sign On & Single Sign Off using SAML/OIDC plugins on multiple Atlassian tools transparently


Hi All,

In a scenario where JIRA and Confluence share an Identity Provider, if a user has logged in via SSO in Confluence... it should be automatically recognised as that user in JIRA
Without any single manual step, eg click on login again on JIRA. 

In the same scenario where the user is not logged in using SSO, user should have the ability to view the public projects/spaces and sign in via SSO.


Second case is that if the user logs out *anywhere* (that is, Keycloak,JIRA, Confluence or anywhere else that uses the federated login) then it should be logged out in all the federated applications


Please share your experiences in achieving the above using plugins without any custom coding. Thanks for your time, much appreciated.





We have the same problem. A number of plugins allow for automatic and "transparent" login but only if no anonymous access is required. If we have to enable anonymous access to some content (ie without requiring login) then JIRA doesn't know that the user has logged in in the Identity Provider and already been recognized by Confluence at this point.

Has anyone managed to crack this problem. This scenario seems to work fine with mod_auth_openidc, for example.


OK just some of my own input on the issue.

Apache's mod_auth_openidc does offer a solution to this problem by using iframes, which of course only works with OpenID Connect (what the module implements)

I would guess that any solution for SAML would have to work on the same principles. Do we know if any of the plugins available implements this kind of "Session Management"?




Log in or Sign up to comment