Just a heads up: On March 24, 2025, starting at 4:30pm CDT / 19:30 UTC, the site will be undergoing scheduled maintenance for a few hours. During this time, the site might be unavailable for a short while. Thanks for your patience.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

SAML Azure JIRA Cloud Configuration Errors

Mary C Wilson
Mary C Wilson October 26, 2017

We have followed the instructions mentioned in https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-atlassian-cloud-tutorial, but are currently getting the following response.

Oops, there was an error logging you in.

Please contact your administrator to check single sign-on configuration.

Error reference: . Error reported: Invalid issuer in the Assertion/Response

Any help would be greatly appreciated as Atlassian support claims they don't see any errors and isn't much help. They keep saying the identifier is wrong, but we have it set to https://id.atlassian.com/login.

Answer
Watch
Like Be the first to like this
2541 views

2 answers

0 votes
Brant Schroeder
Brant Schroeder
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 26, 2017

Place a / on the back of the identity provider entity ID url.

View More Comments
Mary C Wilson
Mary C Wilson October 26, 2017

I tested changing the entity ID with a slash and received the following errors.

 

without.jpgwith.jpg

Error with Entity ID: https://id.atlassian.com/login/ 

Like
Mary C Wilson
Mary C Wilson October 26, 2017

I'm unclear if we're putting the / on both the Azure and JIRA sides or just one side?

Like
Brant Schroeder
Brant Schroeder
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 26, 2017

In the JIRA config the Identity provider Entity ID text box should have the SAML Entity ID which you copied from Azure portal this should end in a /.  In the Identity provider SSO URL should have the SAML Single Sign-On Service URL which you copied from Azure portal and should not have an ending /.   Add the certificate and save the settings.   Make sure that Azure AD settings have the correct identifier URL and test again.

Like
Mary C Wilson
Mary C Wilson October 26, 2017

Hmm.  Thanks so much for trying to help!!  This is what we have - still getting the oops error:

JIRA Side:

Identity provider Entity IDhttps://sts.windows.net/afd68e8f-a6e1-499f-9638-dceea8479772/

Identity provider SSO URLhttps://login.microsoftonline.com/afd68e8f-a6e1-499f-9638-dceea8479772/saml2

Azure Side:

Identifierhttps://id.atlassian.com/login

Reply URL: https://id.atlassian.com/login/saml/acs

Like
AgentSmith
AgentSmith
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 8, 2017

According to the instructions that follow:

https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-atlassian-cloud-tutorial

... the identifier URL should be as so:

https://<instancename>.atlassian.net/admin/saml/edit 

hoping this helps 

Like
Reply
0 votes
Brant Schroeder
Brant Schroeder
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
October 26, 2017

This is caused by the incorrect Single Sign-on Issuer configured. Make sure you have copied the entityID attribute correctly, including the trailing slash.

View More Comments
Mary C Wilson
Mary C Wilson October 26, 2017

We've copied it directly from the embedded Azure configuration, but are continuing to get the error.

Like
Mary C Wilson
Mary C Wilson October 26, 2017

E75DD1F3.PNG

Like
Mary C Wilson
Mary C Wilson October 26, 2017

and our JIRA SAML config:  ScreenShot165.jpg

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events