

SAML SSO implementation for Jira, Confluence Data Center applications?

Srikanth Ganipisetty
Contributor
January 23, 2023

Hello, I've implemented SSO via Atlassian Access for Jira and Confluence Cloud applications successfully before. But this time I was trying to implement it for the Jira Software (with JSM) and Confluence DC applications that have a large userbase of 12000+.

1) As I read the Atlassian recommendation article, it is talking about the setup using SSO inbuilt app. Have you used this app? What are your experiences? 

2) I am still finding details of this SSO App vs the popular marketplace vendor apps like Jira User Sync, which one is best? I don't see much difference between the features. 

3) Any best practices tips you can recommend before we initiate the set up in our Sandbox environments? 

4) We have two directories that users are coming from into Atlassian Suite. I see SSO app given by Atlassian configures to pull only 1 directory. Is my understanding true? 

Happy to provide the responses below, looking to gather as much as I can and change this question to a discussion. :) 

Thanks,

Sri

3 answers

0 votes
Capi [resolution]
Atlassian Partner
January 24, 2023

Hi @Srikanth Ganipisetty ,

Happy to contribute to the debate! I'm the content manager at resolution, the vendor of the most widely installed SSO solution for Data Center.

Since we were getting a lot of questions like yours, at resolution we created a full feature comparison between the Data Center SSO functionality and what our SAML SSO apps provide. You can check it here:

Feature comparison: resolution SSO vs Data Center SSO

That should clarify what you can expect from both sides. Some additional remarks to guide you:

  • Generally speaking, the Data Center built-in functionality works well for very simple implementations, but doesn't do a good job when it comes to solving advanced requirements like group transformations or automatic user deactivation, which I would recommend for the number of users that you have.
  • Since you asked about User Sync, you should note that the only sync functionality you can get with Data Center is through LDAP if you're using AD. If you've moved to a cloud IdP, you won't be able to sync your directory. Your users would then most likely be updated with Just in Time provisioning, as they log into Jira/Confluence.
  • Regarding your 4th point, I believe Atlassian supports the configuration of multiple directories, but their implementation is a bit more basic and it may not work perfectly to do what you want. We provide more advanced options. For example, our app will trigger an update in remote directories (in case you have any) in order to get the most accurate user before the login.
  • Ultimately, our experience is that every customer is different, so it's very hard to say whether DC would work for you without knowing your complete requirements, and then you would have to test against those requirements. But I'm quite confident that our app would work for you, because we've been adding functionality to it constantly since 2013 and right now it's the most flexible option out there. 

Below are the links for your reference:

We offer every Atlassian customer free support and meetings during your evaluation to explore your requirements and help you set everything up, even if it means doing work on your IdP to get ready for the installation. Don't hesitate to reach out to my support colleagues when you're ready to get your hands dirty!

0 votes
Andrew Laden
Rising Star
January 24, 2023

If you want to compare some alternatives (nothing against mO SSO, I have no experience with them):

I used the EasySSO app for my single sign on implementation. 

https://marketplace.atlassian.com/apps/1212581/easy-sso-jira-kerberos-ntlm-saml?hosting=datacenter&tab=overview

Works well for me. In particular I leverage the Kerberos-based authentication, which is a better user experience for users logging in from Windows desktops than SAML.

(I am a customer, I don't work for them)

0 votes
Arnav Ghatage
Rising Star
January 23, 2023

Hey Srikanth,

Since you have a large userbase of 12000+, I would recommend you to go with one of the following plugins:

  1. mO Jira SAML SSO
  2. mO Confluence SAML SSO

Both these applications are capable of handling a large user base with ease. Along with priority support, they are also updated frequently and come with additional security features like:

  • Multiple IDP/Directory Support
  • Just In Time User and Group Provisioning
  • Emergency Login Access
  • Single Logout

I can also explain the differences between the Inbuilt SSO plugin v/s miniOrange plugin. We can choose the one that best goes with your use case!

We also offer free demo and setup assistance! Feel free to reach out to us at atlassiansupport@xecurify.com

P.S. - I work for miniOrange, a top vendor on the Atlassian Marketplace. 
