Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

SSO from Jira "user server" to Confluence almost working

Max Allan (Surevine)
Max Allan (Surevine) April 23, 2020

Hi, I have Confluence (7.3.4) and Jira (8.8.0 and Service Desk) with a "Jira User Server" configured in Jira that Confluence is using.

IF I use Service desk linked documents (by searching for help in the customer portal) then I can see embedded documents in SD, and if I click a link to a related document I am taken to confluence and am fully logged in (can edit my profile etc.). I can go back to Jira Core and use the app navigator to go back to Confluence and I am logged in.

However, if I (logout of everything) first login to Jira Core and use the application navigator to get to Confluence then Confluence prompts me for a username/password. I am using an external auth provider (SAML from Reichert) on Jira to create the users. So users don't have a Jira password, so they cannot login with username/password.

Should the application navigator take me to a logged in Confluence? The app links are using "OAuth (impersonation)" in both directions from both apps.

(I don't think the SAML makes any significant difference to the functionality. All it does is create users in Jira's internal directory, users who don't know their passwords!)

Answer
Watch
Like Be the first to like this
581 views

1 answer

1 accepted

0 votes
Answer accepted
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 23, 2020

Hello, Max.

It sounds like there is a bunch of misconceptions here.

Using Jira as user server in Confluence will never give you SSO. It will give you "same login" i.e. same credentials both in Jira and Confluence, but no SSO, you will always have to login twice.

The integration between JSD and Confluence is most likely the effect of unlicensed users access - a special mode of integration designed specifically for this "JSD to KB in Confluence" scenario. 

OAuth only kicks in when there is some data access from one application to another e.g. Jira issue macro on the Confluence page or a link to Confluence page from Jira issue.

Application navigator does not do any authentication - merely displays a link to the other app.

If anything resolution SAML app for Jira is the only thing that is in fact related to SSO. Most likely it does this against your SAML Identity Provider (e.g. Azure Ad or ADFS or OKTA) and does not "just create users" but actually creates them on the first successful login.

How else do you login into Jira Core without a password in the scenario you've described?

To achieve what you are after (SSO between Jira and Confluence) you just need the counterpart for it on Confluence side - resolution SAML app for Confluence. Do you have it in Confluence?

View More Comments
Max Allan (Surevine)
Max Allan (Surevine) April 23, 2020

I thought that would be the case. The "User Server" docs are a bit muddled in with the Crowd docs which _does_ do SSO. It kind of sounds like it could work. And then when it works from JSD, it made me wonder if it should.

I'll have to decide whether to add the SAML on Confluence or use the JSD link! 

Like
Ed Letifov _TechTime - New Zealand_
Ed Letifov _TechTime - New Zealand_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 23, 2020

Despite the fact that I represent another SSO vendor, competing with resolution SAML - EasySSO, with EasySSO for Jira app and EasySSO for Confluence app, I would still say "go SAML". Unless you can go Kerberos/NTLM, then always be Batman!

Like
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.