OKTA and Jira On-Demand - AD Integration

We use Okta to create users, update users and sync passwords with JIRA, JIRA Service Desk & Confluence.  Works ok, but full SAML would be the best.  I hope Atlassian is working on that.

I do have two problems...

1. I cannot really provision users in and out of JIRA using Okta
2. I cannot figure out how to setup SSO provisioning for my Service Desk Customers.  I am sure I can somehow, but it alludes me.

We really appreciate the Okta integrations using SAML.  If their isn't integration with SAML it makes it more difficult. Without SAML every app differs in available functionality.

Most likely the access to JIRA On Demand is provided by Okta under their SWA banner, which does not require any integration with (or knowledge or approval of) the cloud system being integrated.  I haven't tried it myself from the Okta side, but apparently it's a system where users with an Okta account can enter their "JIRA credentials" into Okta in some secure way, and then from within Okta, a single click can "silently log them in" to JIRA because they're really just logging the user in for them by faking a browser session that visits the JIRA login page.

I found out about this feature when a customer of ours complained that their Okta SSO stopped working into our web app.  Since we didn't offer any authentication integrations at the time, I investigated and found Okta's SWA.  Since we had changed the form of our login page, their SWA integration stopped working until they fixed it.

In short, Okta SWA is likely to work, but it has the oddity of requiring you to enter your JIRA credentials (and those for each user) into Okta.  If that's not an experience you're willing to accept, then I'm not aware of any other solution.

I think that's a misleading page on the part of OKTA.  Cloud only supports its internal user system and Google Applications.  It does not support any form of external active directory, or other user directory systems, and it looks like it's not going to for a while.  I suspect that if OKTA have an integration, they will have to have done something that does OKTA -> Google applications

See https://jira.atlassian.com/browse/ID-79https://jira.atlassian.com/browse/ID-79 for Atlassian's official line.

What does "support" for Cloud mean? As you can't use a user directory other that Cloud internal or Google applications, what does Okta actually do for Cloud? I have to assume Mark is correct - Okta doesn't provide any real integration, it just stores your Cloud credentials alongside your Okta accounts and then serves them up when a user logs into Cloud. Is that right?

Okta does support out-of-box integration for JIRA/On-prem and Cloud versions. Most of our documentation is built right in the product and can be accessed on the fly while integrating these apps. Please reach out to us if you have any questions. Thanks! Prab Kalra Director, Technical Marketing - Okta

Here's a better link to what you reference: * https://support.okta.com/articles/Knowledge_Article/29583593-Using-the-Jira-On-Premises-SAML-App /quote/ Okta provides not only the JIRA On Demand (web app), accessible through the OAN, but also allows for single sign-on integration between Okta and JIRA on-premises. /quote/