Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira Logon - SSO Kick Off

NinjawithPyjamas
NinjawithPyjamas May 14, 2020

At the moment when my user base go to my Jira URL they have to select the login button top right to kick off my SAML 2.0 ... But what i really would like is for the users to go to the URL and SSO kicks off automatically ... I know you can set it as Primary Authentication but then that impacts local admin login ...

So is there a way to "protect" the login path to kick off SSO automatically ?

Answer
Watch
Like Be the first to like this
724 views

2 answers

1 accepted

0 votes
Answer accepted
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 14, 2020

Since this is for Server - everything depends on what app you are using to do SAML SSO

Some of the apps have the feature you are after and some don't, and they can be implemented differently.

Our EasySSO for Jira for example allows a) SAML everywhere but the login/logout pages i.e. if you click logout or navigate directly to the login page - you can login with the local login b) forced SAML everywhere including login/logout, but support for a special parameter to stop it c) forced SAML everywhere, parameter disabled, but ability to disable SAML if needed via special protected "management" endpoint.

Also if you integrate EasySSO with the SecureLogin 2FA app from Syracom you can apply 2FA only to the local logins, leaving those coming via SAML alone (i.e. the assumption is that the IdP has already done 2FA if required).

View More Comments
Caro Cardona
Caro Cardona
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
November 24, 2020

i still can not logon

Like
Reply
0 votes
Christian Reichert (resolution)
Christian Reichert (resolution)
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 15, 2020

Hi Ninja,

it sounds a bit like you use the original Data-Center in SAML - then this article should help you to have a good workaround for your Admins: https://confluence.atlassian.com/jirakb/bypass-saml-authentication-for-jira-data-center-869009810.html

Alternatively should you use our App: https://marketplace.atlassian.com/apps/1212130/saml-single-sign-on-sso-jira-saml-sso?hosting=datacenter&tab=overview

Then here is an article how to achieve the same - with our plugin. I.e. giving admins a special URL to login: https://wiki.resolution.de/doc/saml-sso/latest/jira/knowledgebase-articles/technical/cannot-access-jira-confluence-bitbucket-bamboo-fisheye-crucible-anymore-bypass-sso

If the Bypass URL is not the Solution you like, then our plugin gives you many options to do "IdP Selection", which includes dealing with local users. Here you find a Video where I Demo the different possibilities: https://youtu.be/DoNir7eN87o

Cheers,
Chris

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events