We are happy to announce special offers for miniOrange Atlassian SSO, 2FA, REST API, User Sync and Group Sync Apps.
Confluence SAML app gives the ability to enable SAML Single Sign On for Confluence Software. Confluence Software is compatible with all SAML Identity Providers. Here we will go through a guide to configure SSO between Confluence and your Identity Provider. By the end of this guide, users from your Identity Provider should be able to login and register to Confluence Software.
To integrate your Identity Provider(IDP) with Confluence, you need the following items:
Configure Identity Provider
By Metadata URL:
By uploading Metadata XML file:
1. IDP Name
2. IDP Entity ID
3. Single Sign On URL
4. Single Logout URL
5. X.509 Certificate
Configure Multiple Identity Providers
When user logs into Confluence, one of the user’s data/attribute coming in from the IDP is used to search the user in Confluence. This is used to detect the user in Confluence and login the user to the same account.
With the Quick Setup method, you can get the SP metadata from the first step of adding an IDP. The steps to initiate Quick Setup are given below :
After completing the above steps, you will see the first step of the Quick Setup process. This step deals with setting up your IDP.
Here you will find your SP's metadata. You will need to provide this metadata to your IDP. There are two ways to add this metadata to your IDP.
If you wish to add the metadata manually, then you can choose By manually configuring the metadata on your IDP You will find the following information. These details will need to be provided to your IDP
The next step of the Quick Setup flow deals with setting up IDP metadata on SP. We will pick this up in the next section of the setup guide.
If you have chosen to add your IDP using the Quick Setup flow then you have already completed the first step, which is to add SP metadata to your IDP. Now you can proceed with the second step of the Quick Setup method
This step is where you will be adding your IDP metadata.
There are 3 ways in which you can add your IDP metadata. Use the drop-down to select any of the following methods :
Add your metadata URL in the Enter Metadata URL field.
Use the Choose File button to browse for your metadata file.
To configure the IDP manually, you will need to have the following details from your IDP's metadata.
Once you have added the IDP metadata, click on Save. If the IDP has been added successfully, then you will see a Test and Get Attributes button. Click on this button to test if the IDP was added successfully.
In this step you will be setting up basic user profile attributes for your SP
If you plan on customizing your IDP setup from the get go, you can find the metadata in the SP Metadata. Here you will find your SP's metadata. You will need to provide this metadata to your IDP. There are multiple ways to add this metadata to your IDP :
Depending on how your IDP accepts the metadata, you can either provide the metadata URL or you can use the Download Metadata button to download an XML file for the same.
If you wish to add the metadata manually,you will find the following information in this section. These details will need to be provided to your IDP.
The custom setup flow allows you to dive into the complete set of configurations that we provide to add a SAML Identity Provider. The steps to configure an IDP using the Custom Setup option are :
With the information you have been given by Your IDP team, you can configure IDP settings in 3 ways:
Go to Manual Configuration tab and enter the following details:
Next we will be setting up user profile attributes for Jira. The settings for this can be found in the User Profile section.
When the user logs into
Jira, one of the user's data/attribute coming in from the IDP is used to search the user in Jira. This is used to detect the user in Jira and log in the user to the same account.
You can configure it using steps given below:
Now we will be setting up user group attributes for Jira. You can replicate your user's groups present on IDP in your SP. There are multiple ways of doing this.
Enable 2FA/MFA for users & groups and let users configure 2FA during their first login.
Synchronize users, groups & directory with SCIM & REST APIs for Server/DC.
Secure your Confluence Data Center/Server REST API using API Tokens.