Kantega SSO Enterprise
Space shortcuts
Skip to end of metadata
Go to start of metadata

Bilderesultat for onelogin


Setup guide for adding OneLogin SSO to Atlassian products.


Context: This setup guides assumes that Kantega SSO in installed as an add-on to your Atlassian product (JiraConfluenceBitbucketBamboo, or FeCru).

The setup starts in the Configuration page of the Kantega SSO add-on. This configuration page can be found by pressing "Configure" on "Kantega Single Sign-On (SSO)" in list of installed add-ons.



1: Click “Add new identity provider" and select “OneLogin

2: Open your OneLogin Admin Console

Click the "Apps" tab, then "Add apps"

3: Find and select the "SAML Test Connector (Advanced)" template

In the search console, find and select "SAML Test Connector (Advanced)"

4: Give the app a name, click Save

Optionally, you can also give the app a description and portal icons.

5: Configure URLs

  • Go into the "Configuration" tab
  • Copy the response URL value from the setup wizard into the following fields:
    • Audience
    • Recepient
    • ACS (Consumer) URL
  • Copy the URL validator value from the setup wizard into the following fields:
    • ACS (Consumer) URL Validator


6: Add custom parameters

  • Go to the "Parameters" tab
  • Add custom parameters to be included in the SAML assertion (one for each of email, givenName and surname)

Create three attribute, one attribute for givenName, surname and email.

To create an attribute, click "Add parameter". Fill in Field name and click Save 

Each attribute should be included in the SAML assertion.

When the three attributes as constructed you should see a parameter tables as below:

Click Save.

7: Assure the correct roles and users have access to the new application

Under the "Roles" tab you may select what roles should have access to the new application.

You may also give single users access. This is under the specific user found under Users top menu.

8: Copy the SAML Metadata URL

Under More Actions, right click on the SAML Metadata link and copy the URL to your clipboard for later:

9. Upload Metadata XML file.

Back in the setup wizard you can now press "Next" to get to the import step and paste the metadata url (copied in previous step).


Press "Next" to proceed to the next wizard step.


10. Give the SAML integration a name in the "Location" step.


Press "Next" to proceed to the next wizard step.

11. Verify signing certificate


Press "Next" to proceed to the next wizard step.

12. Specify whether authenticated users pre-exist or need to be created at login.

Here, you can also assign default group memberships to users at login. (Groups can also be assigned to individual users according to Group Claims in the SAML response during login. This is configured in the "Group membership" setting available after completing the setup wizard, see step 12).



Press "Next" to summarize the setting and "Finish" to complete the wizard.


13. Testing/configuring the identity provider

After finishing the wizard, you will be sent to the test pages for verification of your setup. Here, you may also perform the last configuration parts. Follow this generic introduction to the test pages and final configuration. AD FS is used as the example here.






  • No labels

https://kantega-sso.com