You are viewing the Kantega SSO legacy documentation. The new documentation site is:

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: IIS proxy rewrite hint


In addition you should navigate to the IP restrictions page in the Kerberos menu and set the correct way of seeing the correct IP:

SAML: Redirection to identity provider fails with 404

If IIS is being used as a reverse proxy and you're getting 404 when trying to log in with SAML, IIS could be rewriting the identity provider redirect URL to point back to the Atlassian application. An example using ADFS, the browser is redirected to instead of .

If this is happening, check any Rewrite rules for IIS and ARR. Then ensure "Reverse rewrite host in response headers" is disabled: Select the IIS server, open the Application Request Routing Cache pane, then select Proxy Settings from the right menu.

Image Added