Page tree
Skip to end of metadata
Go to start of metadata


This guide provides step-by-step instructions on how to add Auth0 as an identity provider in JIRA using Kantega Single Sign-on

The guide can also be used when setting up SAML with Confluence, Bitbucket, Bamboo and FeCru

Adding an identity provider

In Kantega Single Sign-on add an identity Provider of the type "Any SAML 2.0 Identity Provider"


Copy the ACS URL/ Entity ID (the URLs are identical). They are used in a later step

Add a new Client

In Auth0 navigate to Dashboard and select "New Client"

  • Give the Client a name
  • Select "Regular Web Applications"
  • Press Create



  • Go to the Addons tab 
  • Select SAML 2.0

Application Callback URL

Paste the ACS URL from the Prepare step into Application Callback URL


  • Add audience and recipient (Use the ACS URL from the Prepare step)
  • Press Save, then close the Client setup

Federation Metadata

  • Go to Settings
  • Press "Show Advanced Settings"
  • Press "Endpoints"
  • Copy the SAML Metadata URL

Metadata import

  • In Kantega Single Sign-on, go to the metadata import step
  • Paste the metadata URL from the previous step
  • Press Next


  • Give the Identity Provider a name (This name is visible to end users)
  • The SSO Redirect URL is automatically imported from the metadata
  • Press Next


  • Review the imported signing certificate (This step is purely informational)
  • Press Next.


  • Select whether users already exist, or if you wish to have users automatically created upon login
  • Press Next


  • Review the Summary
  • Press Finish

Testing/configuring the identity provider 

  • The test page is anonymously accessible. This means that the identity provider admin does not need to have JIRA access to perform the IDP login test

  • Open the login test URL in a private / incognito browser window and perform a test logon 

Performing a test login to Auth0:

After a successful login, you may close the window

SSO test results

  • After a test logon is performed, go back to Test Results and select Results
  • Choose the desired SAML username attribute
  • Save the changes

Add the domain as a known domain for this identity provider

If a user with the username already exists, the following message will appear

Redirect mode

After setting up SSO choose a redirect mode that best fit your use case

Users should now be able to log into JIRA using their Auth0 account

  • No labels