Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to the the unique Entity ID values for Atlassian SP?

Ventsislav Gramatski
Ventsislav Gramatski
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
February 20, 2019

Hello everyone!

I am working to integrate SSO for our JIRA Cloud with ADFS. I understand this won't be supported by Atlassian but I can't even get the setup as I do not know where to get our unique Entity ID to complete the URLs for JIRA as the SP? I mean these:

SAML Assertion (SP Identifier):
https://auth.atlassian.com/saml/<unique Entity ID>

Login/logout redirect URL:
https://auth.atlassian.com/login/callback?connection=saml-<unique Entity ID>

 

Where the <unique Entity ID> should be dynamically created for our subscription. I raised a support case but so far the response I received is to contact our IdP to get these... given that we own and manage our IdP (ADFS), I already know the required endpoints. :)

The Azure SSO integration (at: here) suggests that the <unique Entity ID> might be generated at the moment when the SSO configuration is initiated in Atlassian Access but I would like to be certain, as the entire process will cause downtime for our production teams.

Anyone knows where/how I can get the <unique Entity ID> ? Thanks!

Answer
Watch
Like Be the first to like this
4267 views

1 answer

1 accepted

1 vote
Answer accepted
Daniel Eads
Daniel Eads
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 25, 2019

Hey Ventsislav!

Despite not providing official support, we do have some extensive documentation you may have already seen at SAML single sign-on - Unsupported identity providers.

Going off the Microsoft document you linked, the missing piece is probably what's quoted in our documentation here:

After adding your identity provider details to the 'SAML single sign-on' page for your Atlassian organization, you'll see new fields and values appear. Copy those values over to your identity provider. 

 

So this is what the admin page looks like before you add the ADFS details in admin.atlassian.com:
image.png

 

After clicking the blue "Add SAML configuration" button and filling out the details, viola, the necessary fields are available. The SP Entity ID field is the one you'll want. Sounds like ADFS or Azure AD are trying to helpfully pre-fill the non-unique part of the URL. You can just use the copy button and blow out the entire field on the ADFS/Azure side.

image.png

 

Hope that helps, and happy authenticating!
Daniel

View More Comments
Ventsislav Gramatski
Ventsislav Gramatski
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
February 26, 2019

Hello Daniel,

Thanks, exactly what I needed! I though that the SP Entity ID was being generated upon signing for Atlassian Access rather than when initializing the SSO configuration. I'll have to plan this for the switch-over. :)

 

Kind regards,

Ventsislav

Like
Reply

Suggest an answer

Log in or Sign up to answer
Atlassian logo
Atlassian Guard
TAGS
AUG Leaders

Atlassian Community Events

    See all events