Single Sign-On for Evolution Gaming
Seamless SSO Integration and User Management in Jira, Confluence using Okta
Know MoreminiOrange SAML SSO
Automating User Activation/Deactivation with SAML SSO
100%
Secure Authentication
54+
Integrated Add-Ons
Challenge 1 :
User Provisioning and Deprovisioning
Being an online gaming company, the user registrations rate in Evolution Gaming is very high. As a result, their user count threshold for the Jira and Confluence license is reached frequently. They store and manage their users in Okta. In order to manage the user limit, they needed auto-activation and deactivation feature which activates and deactivates a user in Jira and Confluence servers whenever the operation is performed in Okta.
User Synchronization solution for Evolution Gaming
miniOrange provided a solution that automatically activates/deactivates a user in both Jira and Confluence when the user is activated/deactivated in Okta. miniOrange achieved this by introducing an Okta API based user provisioning solution for Atlassian applications (Jira and Confluence) using existing SSO plugins. Here, the Atlassian application sends an authenticated request to Okta to fetch the user information and based on the response received, the user information is updated in Jira and Confluence. The request for user information is sent regularly after a certain time interval. This means that the changes in Okta will be regularly updated in both Jira and Confluence. So Jira or Confluence administrators don’t need to manually update the users now.
For example, if a user, Adam, is deactivated in Okta, Adam’s account will get deactivated in both Jira and Confluence automatically and Atlassian admins don’t need to manually deactivate Adam’s account in each of the applications. Along with this miniOrange provides Just In Time user provisioning, where users’ information is also updated on each login.
Challenge 2 :
Log in with Internal and External users
Evolution gaming has multiple customer portals for users to raise support tickets in Jira Service Desk. But users cannot be managed in the same way for all the customer portals. This is because all the users are not managed in one place, some of them are managed in the Identity Provider i.e. OKTA whereas others in Jira’s internal directory. So they were looking for a product that can differentiate between internal and external users and take users to the appropriate login pages.
Solution for Customer Portal Based Redirection
miniOrange provided a solution of redirection based on the customer portal. This solution differentiates the internal and external users based on the Customer Portal URL accessed as the users accessing a particular portal were stored in either Okta or internally in Jira. The admin can decide to log in through Okta or log in through Jira using the ‘Auto Redirect to IDP’ and ‘Disable Auto Redirect to IDP’ for selective portal features. Let us consider, for example, the Jira administrator has enabled the ‘Auto Redirect to IDP’ option and configured Portal 1 in the ‘Disable Auto Redirect to IDP’ option in the plugin. Thus the users accessing the Portal 1 are considered as internal users and are prompted to log in with the Jira login page and users accessing any other Portal are considered as external users and are redirected to Okta login page for SSO. (Refer to the diagram below) This way all portals can be customised to show any Identity Provider’s login page or Jira login page.
How It Works
miniOrange SAML Single Sign-On (SSO) add-on acts as a SAML client and helps the user establish trust between the Atlassian applications and the SAML Identity Provider, to securely authenticate the user to the application. When the user tries to access the Jira/Confluence page, they are redirected to the Identity Provider login page for authentication. On successful authentication they are redirected back to the page they were trying to access. The user group provisioning is done automatically through SSO, thus giving the application access to the user.
Our SAML Single Sign-On provides the best SSO features - an add-on that works with all Identity Providers. Enable users to sign in to the application with your Identity Provider. We support all known providers - Google Apps, ADFS, Azure AD, Okta, Facebook, Salesforce, GitHub, GitLab, Keycloak, Discord, meetup, AWS Cognito, Azure B2C, Slack, miniOrange, etc.
Key Benefits
- Ease of Managing Users: User operations have to be performed only in the Identity Provider for the changes to be carried over to the service provider. So the administrator does not need to manage users in multiple places.
- Easy to Control user limit: Using this solution, it is easy to manage the user limit for the service provider license.
- Saves admin’s time: This solution saves the administrator’s time in managing users allowing them to focus their time on something else.
- Ease of handling both internal and external users: With the help of solutions provided above, both internal and external users are redirected to respective login pages (the Jira login page and the IDP login page).
- Cost-effective: As this solution manages the user limit for the service provider license, there is no need to buy a higher user tier license.
- Ease of Access: For the end-users, it reduces the responsibility of managing multiple sets of usernames and passwords.
In conclusion, marketplaces have many products according to business needs. For Evolution Gaming, our product proved to be the best. What about you? Which product is best for you?