How Siemens Simplified Jira Cloud Migration with miniOrange SSO
Siemens, a global technology leader, ensured a seamless migration from Jira Server to Jira Cloud by integrating their on-premises OAuth/OIDC provider with Atlassian Cloud using miniOrange’s SSO Broker solution. The result: secure, uninterrupted authentication across platforms without changing identity infrastructure.
Siemens’ Business Challenge
For years, Siemens relied on miniOrange’s Jira OAuth/OIDC SSO solution to securely connect its Jira Server environment with its on-premises OAuth provider. This setup ensured a smooth, centralized login experience for thousands of employees worldwide.
However, with Atlassian announcing the end of server products, Siemens began migrating its large-scale ecosystem to Jira Cloud. The main challenge?
Migrating to Jira Cloud While Retaining an On-Premises OIDC SSO Setup
Atlassian Cloud only supported basic SAML SSO functionality, which meant Siemens couldn’t directly connect its existing OAuth/OIDC Provider, a core component of its enterprise security framework.
Siemens needed a solution that would:
- Enable SSO on Jira Cloud using their existing OIDC provider
- Avoid major infrastructure changes or protocol migrations
- Ensure consistent authentication experiences for global teams
- Maintain strong compliance and security controls
How miniOrange Helped Solve Siemens’ Challenge
miniOrange anticipated this very challenge when Atlassian first announced the server phase-out and had already developed a cloud-ready SSO broker solution designed for enterprise clients like Siemens.
Bridging OAuth/OIDC with Atlassian Cloud Through a Custom SSO Broker
This innovative integration allowed Siemens to connect Atlassian Access with any OAuth/OIDC provider, whether standard or custom-built, while maintaining all security and authentication protocols.
Here’s how it worked:
- Atlassian Access ↔ miniOrange: A secure SAML connection was established between Atlassian Access and miniOrange.
- miniOrange ↔ Siemens’ OIDC Provider: A second connection was set up using the OAuth/OIDC protocol to Siemens’ on-premises identity provider.
- Broker Conversion: miniOrange acted as a protocol translation bridge, converting SAML authentication requests from Atlassian into OAuth/OIDC requests for Siemens’ IDP, and back again.
This allowed Siemens to keep using their existing OIDC-based authentication system while enjoying full SSO capabilities on Jira Cloud, without needing to migrate identity infrastructure or retrain users.
Success Outcome: Secure, Seamless Cloud Authentication Without Disruption
By implementing miniOrange’s OAuth/OIDC–SAML Broker Solution, Siemens successfully migrated to Jira Cloud while preserving its enterprise-grade authentication standards.
Key Results Achieved:
- Seamless Migration: Siemens transitioned to Jira Cloud without losing any SSO functionality.
- No Protocol Change Needed: Continued using the existing OAuth/OIDC provider, no reconfiguration or migration to SAML required.
- Enhanced Security: Maintained centralized authentication, ensuring consistent security enforcement across systems.
- Cost & Time Efficiency: Eliminated the need to rebuild identity integrations, saving significant development effort.
- Scalable Architecture: Supported multiple OAuth/OIDC providers within the same setup, ideal for Siemens’ global teams.
With this setup, Siemens achieved enterprise-grade SSO in the cloud while avoiding the complexity and risk of replacing their trusted on-premises identity infrastructure.
About KPMG
Siemens AG is a global powerhouse in electrification, automation, and digitalization, delivering innovative technologies across industries such as manufacturing, energy, healthcare, and infrastructure. With operations in over 190 countries, Siemens is at the forefront of industrial transformation, driving digital innovation through secure, scalable, and integrated enterprise solutions.