Page tree
Skip to end of metadata
Go to start of metadata


This guide provides step-by-step instructions on how to add WSO2 as an identity provider in JIRA using Kantega Single Sign-on.
The guide can also be used when setting up SAML with Confluence, Bitbucket, Bamboo and FeCru.

Add a new Application

  • Log into WS02 
  • Select Add Application
  • Choose Custom Application
  • Enter an Application Name
  • Select Add


Adding an identity provider

In Kantega Single Sign-on add an identity Provider of the type "Any SAML 2.0 Identity Provider".


Copy the ACS URL. You will use this in the next step.

Configure the application

  • Fill in the URL from the previous step into the following fields:
    • Issuer
    • Assertion Consumer URL´s (Press Add)
    • Access URL
  • Save

Download IDP Metadata

  • Download the IDP metadata. You will use the metadata file in the next step.

Metadata Import

  • In Kantega Single Sign-on, go to the metadata import step.
  • Browse and select the downloaded metadata file from the previous step.
  • Press Next.


  • Give the Identity Provider a name. (This name is visible to end users.)
  • The SSO Redirect URL is automatically imported from the metadata.
  • Press Next.


  • Review the imported signing certificate (This step is purely informatinal.)
  • Press Next.


  • Select whether users already exist or if you wish to have users automatically created upon login.
  • Optionally assign a default group for new users.


  • Review the Summary.
  • Press Finish.

Testing/configuring the identity provider 

  • The test page is anonymously accessible. This means that the identity provider admin does not need to have JIRA access to perform the login test.

  • Open the login test URL in a private / incognito browser window and perform a test logon 

The following shows a successful login test. 

SSO test results

  • After a test logon is performed, go back to Test Results and select Results

  • Add the domain as a known domain 

Choosing the username attribute

  • Select the desired username attribute.
  • At the next logon will be created in the JIRA Internal Directory.

Redirect mode

After setting up SSO choose a redirect mode that best fit your use case. 

Users should now be able to log into JIRA using their WSO2 account.

  • No labels