Page tree
Skip to end of metadata
Go to start of metadata

Setup guide for adding AzureAD / Office365 login to Atlassian products.

This setup guides assumes that Kantega SSO in installed as an add-on to your Atlassian product (JiraConfluenceBitbucketBamboo, or FeCru).

Context: This setup starts in the Configuration page of the Kantega SSO add-on. This configuration page can be found by pressing "Configure" on "Kantega Single Sign-On (SSO)" in list of installed add-ons.


1. Click “Add SAML identity provider" and select “Azure Active Directory (Azure AD)

 

 

2. Add an application in the Azure Portal

  • Click "Enterprise Applications"




  • Click the "New application" button on the top of the screen



  • In "Add from gallery", search for "Kantega":

 

 


  • Select the entry relevant for your Atlassian product, give it a name and click "Add".

 

3. Configure Single Sign-on for the application

Click “Single sign-on in left menu:



Select "SAML" as single sign-on method:


4. Configure URLs

Copy the response URL from the setup wizard into the Reply URL (Assertion Consumer Service URL) and Identifier (Entity ID) fields:


 

 

5. Download the Metadata XML file

 Under "SAML Signing Certificate", download the "Federation Metadata XML"-file.

 


6. Upload Metadata XML file.

Back in the setup wizard you can now press "Next" to get to the import step and upload the metadata file downloaded in step 5.


Press "Next" to proceed to the next wizard step.


7. Give the SAML integration a name in the "Location" step.

Press "Next" to proceed to the next wizard step.


8. Verify signing certificate

Press "Next" to proceed to the next wizard step.


9. Specify whether authenticated users pre-exist or need to be created at login.

Here, you can also assign default group memberships to users at login. (Groups can also be assigned to individual users according to Group Claims in the SAML response during login. This is configured in the "Group membership" setting available after the setup wizard. See step 11).

Press "Next" to summarize the setting and "Finish" to complete the wizard.


10. Testing/configuring the identity provider

After finishing the wizard, you will be sent to the test pages for verification of your setup. Here, you may also perform the last configuration parts. Follow this generic introduction to the test pages and final configuration. AD FS is used as the example here.




 

  • No labels