OKTA's website shows that it is pre-integrated with "JIRA On-Demand", which is the Cloud solution. I've read previous posts stating that OKTA & JIRA Cloud integration is not possible. This seems to suggest otherwise.
Are there any issues with integrating an OKTA domain with "JIRA On-Demand"? Is there a new development which permits this?
Ultimately we would like to integrate our OKTA (AD Domain) with JIRA On-Demand Authentication.
Does anyone from Atlassian have validation that this works or doesn't? Need hard facts.
I think that's a misleading page on the part of OKTA. Cloud only supports its internal user system and Google Applications. It does not support any form of external active directory, or other user directory systems, and it looks like it's not going to for a while. I suspect that if OKTA have an integration, they will have to have done something that does OKTA -> Google applications
See https://jira.atlassian.com/browse/ID-79https://jira.atlassian.com/browse/ID-79 for Atlassian's official line.
Most likely the access to JIRA On Demand is provided by Okta under their SWA banner, which does not require any integration with (or knowledge or approval of) the cloud system being integrated. I haven't tried it myself from the Okta side, but apparently it's a system where users with an Okta account can enter their "JIRA credentials" into Okta in some secure way, and then from within Okta, a single click can "silently log them in" to JIRA because they're really just logging the user in for them by faking a browser session that visits the JIRA login page.
I found out about this feature when a customer of ours complained that their Okta SSO stopped working into our web app. Since we didn't offer any authentication integrations at the time, I investigated and found Okta's SWA. Since we had changed the form of our login page, their SWA integration stopped working until they fixed it.
In short, Okta SWA is likely to work, but it has the oddity of requiring you to enter your JIRA credentials (and those for each user) into Okta. If that's not an experience you're willing to accept, then I'm not aware of any other solution.
We use Okta to create users, update users and sync passwords with JIRA, JIRA Service Desk & Confluence. Works ok, but full SAML would be the best. I hope Atlassian is working on that.
I do have two problems...
We really appreciate the Okta integrations using SAML. If their isn't integration with SAML it makes it more difficult. Without SAML every app differs in available functionality.
Here's a better link to what you reference: * https://support.okta.com/articles/Knowledge_Article/29583593-Using-the-Jira-On-Premises-SAML-App /quote/ Okta provides not only the JIRA On Demand (web app), accessible through the OAN, but also allows for single sign-on integration between Okta and JIRA on-premises. /quote/
Okta does support out-of-box integration for JIRA/On-prem and Cloud versions. Most of our documentation is built right in the product and can be accessed on the fly while integrating these apps. Please reach out to us if you have any questions. Thanks! Prab Kalra Director, Technical Marketing - Okta
What does "support" for Cloud mean? As you can't use a user directory other that Cloud internal or Google applications, what does Okta actually do for Cloud? I have to assume Mark is correct - Okta doesn't provide any real integration, it just stores your Cloud credentials alongside your Okta accounts and then serves them up when a user logs into Cloud. Is that right?
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot