Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,296,736
Community Members
 
Community Events
165
Community Groups

How to disable SAML 2.0 in Jira Data Center 8.2 when we can't log in

Yesterday. we were testing configuring SAML 2.0 in our Jira Data Center 8.2.  We were not successful and thought we were very careful to ensure we had selected "Use SAML as secondary authentication" selected until we were successful, but had run some tests where we had it set as primary (and leaving the session open.)

 

It appears to me that the configuration was last saved with "Use SAML as primary authentication" selected but it is failing.  We are essentially locked out.

 

Is ther some way of setting "SAML Authentication to secondary" or change the SAML 2.0 to "Use Login Form" instead of SAML Single Sign-on or somehow to force an interactive user logon?

In this:

https://confluence.atlassian.com/adminjiraserver/saml-sso-for-jira-data-center-applications-938847031.html

I saw this:

If you make a mistake configuring the SAML authentication, or are unable to log in using your IdP, you can restore login form authentication by using issuing a DELETE request (using a username and password for an administrator configured in your user directory):

curl -u admin_user:admin_password -X DELETE http://base-url/product/rest/authconfig/1.0/saml

But I don't understand the context of where this is run.  Is this right in my browser or from a command line on the linux machine?

2 answers

1 accepted

You need to run this from a terminal command line / basically a machine which has curl installed. (What is curl - https://dev.to/ibmdeveloper/what-is-curl-and-why-is-it-all-over-api-docs-9mh)

It basically does a REST API call to remove the SAML Config. After that you should be able to login again.

Cheers,
Christian

Thanks! A more tech savy member of our team knew what to do with this when he came in.

I am, getting "Forbidden (403)" error when I try to disable SSO using the curl command

curl -u "localadmin_username:localadmin_password" -X DELETE -k https://jiraurl/product/rest/authconfig/1.0/saml

Like B_G likes this

Best way is to use the fallback URL.  From there you can change your configuration as needed.  Much more simple.

https://confluence.atlassian.com/jirakb/bypass-saml-authentication-for-jira-data-center-869009810.html

Suggest an answer

Log in or Sign up to answer
TAGS

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you