You are viewing the Kantega SSO legacy documentation. The new documentation site is: https://kantega-sso.atlassian.net/wiki/x/hwAb
Documentation and Guides
Space shortcuts
Skip to end of metadata
Go to start of metadata


Setup guide for adding PingOne login to Atlassian server and datacenter products.


Context: This setup guides assumes that Kantega SSO in installed as an add-on to your Atlassian product (JiraConfluenceBitbucketBamboo, or FeCru).

The setup starts in the Configuration page of the Kantega SSO add-on. This configuration page can be found by pressing "Configure" on "Kantega Single Sign-On (SSO)" in list of installed add-ons.



1: Click “Add new identity provider" and select “PingOne

2: Sign in to the admin console of PingOne and go to the Applications page

3: Create an application

Click "Add Application" and select "New SAML Application"



Enter values for the required fields:

  • Application Name
  • Application Description
  • Category

Click "Continue to Next Step"

4: Configure URLs

Copy the URL values from the setup wizard into the "Assertion Consumer Service (ACS)" and "Entity ID" fields

5: Add givenName, surname and email attributes

For each of the three attributes, click "Add new attribute" and fill out Attribution Attribute and Identity Bridge Attribute values.

You should see a table as below when all three attributes are constructed:

Click Save & Publish


6: Download metadata

In the Review Setup page, download the SAML metadata file for your application:


Click finish to complete the application setup


7: Assign your application to User Group(s)

Navigate to the Users tab, then User Groups:



Click Edit on the group you want to assign the application to

Select your application and click Save.


You are now ready to configure PingOne as an Idp in the Atlassian product.


8: Upload Metadata XML file.

Back in the setup wizard you can now press "Next" to get to the import step and upload the metadata file downloaded in step 6.


Press "Next" to proceed to the next wizard step.


9: Give the SAML integration a name in the "Location" step.

Press "Next" to proceed to the next wizard step.

10: Verify signing certificate

Press "Next" to proceed to the next wizard step.

11: Specify whether authenticated users pre-exist or need to be created at login.

Here, you can also assign default group memberships to users at login. (Groups can also be assigned to individual users according to Group Claims in the SAML response during login. This is configured in the "Group membership" setting available after completing the setup wizard, see step 13).



Press "Next" to summarize the setting and "Finish" to complete the wizard.


12. Testing/configuring the identity provider

After finishing the wizard, you will be sent to the test pages for verification of your setup. Here, you may also perform the last configuration parts. Follow this generic introduction to the test pages and final configuration. AD FS is used as the example here.






  • No labels

https://kantega-sso.com