Relatert bilde

Setup guide for adding Keycloak login to Atlassian server and datacenter products.

This setup guides assumes that Kantega SSO is installed as an add-on to your Atlassian product (JiraConfluenceBitbucketBamboo, or FeCru).

Context: This setup starts in the Configuration page of the Kantega SSO add-on. This configuration page can be found by pressing "Configure" on "Kantega Single Sign-On (SSO)" in list of installed add-ons.

Log into Keycloak admin 

Log into Keycloak and select your realm. We are using the relam name

Prior to this test, User Federation using LDAP have been set up against the Active Directory domain

User Federation

In this test we are using userPrincipalName as the usernameme attribute. These settings are found under User Federation,

Username LDAP attribute: userPrincipalName
RDN LDAP attribute: userPrincipalName

LDAP Mappers,username, LDAP Attribute: userPrincipalName

Adding an Identity Provider

In Kantega Single Sign-on add an identity Provider of the type "Any SAML 2.0 Identity Provider".


Add a Client in Keycloak



Mappes are only needed if you want to have users automatically created upon login.

If users already exist in JIRA, you can skip this step.

Create mapper for lastName:

Create mapper for givenName

Create mapper for email:

Create mapper for managed group claims:

Metadata import





Testing/configuring the identity provider

After finishing the wizard, you will be sent to the test pages for verification of your setup. Here, you may also perform the last configuration parts. Follow this generic introduction to the test pages and final configuration. AD FS is used as the example here.