1. Create a SAML Service Provider

For the Metadata, use the template below: 

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://jira.acme.com/jiraSAML">
    <SPSSODescriptor 
        AuthnRequestsSigned="false" 
        WantAssertionsSigned="true" 
        protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
        
        <SingleLogoutService 
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
            Location="https://jira.acme.com/plugins/servlet/saml/auth" />
            
        <AssertionConsumerService 
            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
            Location="https://jira.acme.com/plugins/servlet/saml/auth" />
        <AttributeConsumingService index="0" isDefault="true">
            <RequestedAttribute Name="loginName" NameFormat="urn:string" FriendlyName="Login Name" isRequired="true" />
            <RequestedAttribute Name="fullName" NameFormat="urn:string" FriendlyName="Full Name" isRequired="false" />            
        </AttributeConsumingService>
        
    </SPSSODescriptor>
</EntityDescriptor>

Replace "jira.acme.com" with the domain name of your JIRA server.

The "Location" of "AssertionConsumerService" must be the same as the SAML Endpoint set in the configuration of the SAML add-on.
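A check for the two points above that can be run on the edited metadata before uploading it. This is an added example, not part of the original page or of the SAML add-on: it assumes Python 3, the function name check_sp_metadata is hypothetical, and the sample uses the constructed placeholder host jira.example.org with one template URL deliberately left unreplaced.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Constructed sample: the page's template with the host replaced everywhere
# except SingleLogoutService, which still points at the template domain.
SAMPLE = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://jira.example.org/jiraSAML">
  <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://jira.acme.com/plugins/servlet/saml/auth" />
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://jira.example.org/plugins/servlet/saml/auth" />
  </SPSSODescriptor>
</EntityDescriptor>"""

def check_sp_metadata(xml_text, jira_host, saml_endpoint):
    """Return a list of problems in the SP metadata; an empty list means OK."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    sp = root.find(MD + "SPSSODescriptor")
    if root.tag != MD + "EntityDescriptor" or sp is None:
        return ["not an SP EntityDescriptor"]
    problems = []
    # Collect every URL the IdP will trust or post to.
    urls = {"entityID": root.get("entityID", "")}
    for tag in ("AssertionConsumerService", "SingleLogoutService"):
        for i, el in enumerate(sp.findall(MD + tag)):
            urls[f"{tag}[{i}]"] = el.get("Location", "")
    for name, url in urls.items():
        parts = urlsplit(url)
        if parts.scheme != "https":
            problems.append(f"{name}: not an https URL: {url!r}")
        if parts.hostname != jira_host:  # catches a leftover template domain
            problems.append(f"{name}: host {parts.hostname!r} != {jira_host!r}")
    # The ACS Location must equal the SAML Endpoint configured in the add-on.
    if not any(el.get("Binding") == POST and el.get("Location") == saml_endpoint
               for el in sp.findall(MD + "AssertionConsumerService")):
        problems.append("no HTTP-POST AssertionConsumerService matches the SAML Endpoint")
    # The template asks the IdP for signed assertions; flag it if that was changed.
    if sp.get("WantAssertionsSigned") != "true":
        problems.append("WantAssertionsSigned is not 'true'")
    return problems

if __name__ == "__main__":
    endpoint = "https://jira.example.org/plugins/servlet/saml/auth"
    for problem in check_sp_metadata(SAMPLE, "jira.example.org", endpoint):
        print("PROBLEM:", problem)
```
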

2. Create a logon procedure

Select "Web SSO" as the Type.

3. Create logon steps

Click the context menu of the "JIRA" logon procedure and select "Logon Steps" from the menu.

Add the necessary logon steps.

4. Create an application

Select the logon procedure created in the previous step.

5. Publish the application

Click the context menu of the "JIRA" application and select "Agents" from the menu.

Select "SSO Server" from the list of agents.

 

 
