miniOrange provides secure access to Crowd for enterprises and full control over access of applications, Single Sign On (SSO) into Crowd with one set of login credentials.
miniOrange SAML Single Sign on (SSO) plugin acts as a SAML Service Provider which can be configured to establish the trust between the plugin and a SAML capable Identity Providers to securely authenticate the user to the Crowd Server.
User based Pricing
No of Users |
Pricing for Premium Plugin
|
| 50 |
$10 |
| 100 |
$500 |
| 500 |
$1000 |
| 500+ |
$2000 |
Crowd SAML Plugin vs Individual SAML Plugin for other Atlassian Application
Key benefits
- Users are automatically signed into Crowd as well as connected Atlassian Applications.
- Users don't have to enter their passwords repeatedly.
Limitation
- The user landing page has to be crowd login page for SSO. If you want to login from the JIRA or other Atlassian application's login page then you need to use the Crowd SSO connector along with the Crowd SAML SSO plugin or you can use the dedicated SAML plugin for the Atlassian Application, Please check the links given below.
Follow the Step-by-Step Guide given below for Atlassian CROWD Server Single Sign-On (SSO) using SAML
Step 1: Download and installation
- Stop Crowd Server.
- Put the plugin's jar file on plugins directory, sub-directory of your shared Crowd home directory (or the main Crowd directory in versions prior to Crowd 3.0).
- Restart the Crowd Server.
- Login to Crowd Admin Console.
- Click on the admin dropdown and click on miniOrange SAML SSO .
Step 2: Register/Login with miniOrange using addon
- Click on miniOrange SAML SSO in the admin dropdown.
- Register with miniOrange using a simple form in add-on.
- If you are Already Registered with miniOrange, you can direclty login in to the plugin .
Step 3: Verify License Key
- Enter your license key and click on varify.
Step 4: Configuring the plugin
- Using IdP information user could add details in Configure SP.
- Provide the required settings (i.e. IdP Entity ID, IdP Single SignOn Service Url, X.509 certificate) in the plugin and save it OR upload metadata given by the IdP by provinding URL or XML file.
For Example:
| IdP Entity Id | https://login.xecurify.com/moas |
| Single Sign On URL | https://login.xecurify.com/moas/idp/samlsso |
| Single Logout URL | https://login.xecurify.com/moas/idp/samllogout |
| Identity Provider Certificate | Upload the certificate downloaded from miniOrange Admin Console |
Step 5: Test Configuration
- Click on the Test Configuration button to perform SSO and fetch user attributes from IdP.
- The below screenshot shows successful test result.
- This screenshot shows the attributes that are received and are mapped by attribute mapping.
Step 6: Attribute Mapping
- Attribute Mapping helps you to get user attributes from your IdP and map them to Crowd user attributes.
- Please refer to attributes received in successful Test congiguration and use them for Attribute Mapping.
- In Attribute Mapping details like username and NameID as shown in step 4 of Test Successful are mapped to Username and Email respectively.
- Also Full Name or Separate Name(i.e First and Last Name)attributes are given as options according to Crowd user attributes
- While auto registering the users, these attributes will automatically get mapped to your Crowd user details.
- Clicking Keep Existing User Attributes checkbox will disable attribute mapping for existing users. New users will be created with attribute mapping defined.
Step 7: SSO Sign In Settings
There are different ways to login to your Atlassian Crowd Server.
- Login Button Text make your organization's SSO easy for Crowd users to recognize.
- Set Relay State URL to redirect all users to a particular URL after SSO login.
- You also have option to disable your Crowd login by clicking Disable Crowd Login checkbox. If Crowd Login is disabled, all users will be redirected to IdP for login. Redirect rules for administrator functions are defined by Secure Admin Login Options.
- Enable backdoor checkbox allows administrators to bypass external authentication and log in with a Crowd administrator using username annd password. Note: a logged-in user cannot access this page, you need to logout to access this.
Crowd SSO Connector for Atlassian Applications
Also, looking to enable SAML SSO for all connected Atlassian applications? miniOrange also has SAML SSO connector that expands the SAML SSO functionality from Crowd to its connected Atlassian applications.
Crowd SSO Connector for JIRA
Crowd SSO Connector for JIRA connects to the SAML Single Sign-On for Crowd for SSO into JIRA Server with any SAML 2.0 compliant Identity Provider. You can enable it with the few steps.
- Step 1: Configure Crowd SAML SSO plugin with the steps given in the above section.
- Step 2: Enable Crowd SSO with your JIRA Server. Click here to get the steps to enable Crowd SSO for your JIRA Server.
- Step 3: Download and install the Crowd SSO Connector for JIRA from the Atlassian Marketplace.
- Step 4: Configure Crowd base URL and define the redirect rule in the Configuration tab of the connected.
- Step 5: All done.
Crowd SSO Connector for Confluence
Crowd SSO Connector for Confluence connects to the SAML Single Sign-On for Crowd for SSO into Confluence Server with any SAML 2.0 compliant Identity Provider. You can enable it with the few steps..
- Step 1: Configure Crowd SAML SSO plugin with the steps given in the above section.
- Step 2: Enable Crowd SSO with your Confluence Server. Click here to get the steps to enable Crowd SSO for your Confluence Server
- Step 3: Download and install the Crowd SSO Connector for Confluence from the Atlassian Marketplace
- Step 4: Configure Crowd base URL and define the redirect rule Configuration tab of the connected.
- Step 5: All done.
Crowd SSO Connector for Bitbucket
Crowd SSO Connector for Bitbucket connects to the SAML Single Sign-On for Crowd for SSO into Bitbucket Server with any SAML 2.0 compliant Identity Provider. You can enable it with the few steps.
- Step 1: Configure Crowd SAML SSO plugin with the steps given in the above section.
- Step 2: Enable Crowd SSO with your Bitbucket Server. Click here to get the steps to enable Crowd SSO for your Bitbucket Server.
- Step 3: Download and install the Crowd SSO Connector for Bitbucket from the Atlassian Marketplace.
- Step 4: Configure Crowd base URL and define the redirect rule in the Configuration tab of the connected.
- Step 5: All done.
Crowd SSO Connector for Bamboo
Crowd SSO Connector for Bamboo connects to the SAML Single Sign-On for Crowd for SSO into Bamboo Server with any SAML 2.0 compliant Identity Provider. You can enable it with the few steps.
- Step 1: Configure Crowd SAML SSO plugin with the steps given in the above section.
- Step 2: Enable Crowd SSO with your Bamboo Server. Click here to get the steps to enable Crowd SSO for your Bamboo Server
- Step 3: Download and install the Crowd SSO Connector for Bamboo from the Atlassian Marketplace
- Step 4: Configure Crowd base URL and define the redirect rule in the Configuration tab of the connected.
- Step 5: All done.
Crowd SSO Connector for Fish eye
Crowd SSO Connector for Fish eye connects to the SAML Single Sign-On for Crowd for SSO into Fish eye Server with any SAML 2.0 compliant Identity Provider. You can enable it with the few steps.
- Step 1: Configure Crowd SAML SSO plugin with the steps given in the above section.
- Step 2: Enable Crowd SSO with your Fish eye Server. Click here to get the steps to enable Crowd SSO for your Fish eye Server
- Step 3: Download and install the Crowd SSO Connector for Fish eye from the Atlassian Marketplace
- Step 4: Configure Crowd Base URL also define the redirect rule in the SSO Redirection tab of the plugin.
- Step 5: All done.
