Dual-IDP SSO in Jira for Repario with miniOrange
Custom URL-based redirection and seamless SSO with Okta & Azure AD
Know MoreminiOrange OAuth/OIDC App
Single Sign On and User Identity that’s easy to use
100%
Secure Authentication
54+
Integrated Add-Ons
Client Overview
Repario is a global leader in eDiscovery, digital forensics, and information governance, renowned for its client-centric approach and innovative solutions. Formed through the integration of industry pioneers such as Teris, Modus, Elijah, and Meta-e, Repario combines deep expertise with cutting-edge technology to deliver comprehensive services across the legal and corporate sectors.
The Challenge
Repario was seeking a solution to enable Single Sign-On (SSO) for their Jira Data Center environment using two different identity providers. The key challenge arose from their dual URL setup—URL1 acted as the primary Jira URL and needed to redirect users to IDP1 (Okta), while URL2 functioned as an alias pointing to a specific Jira Service Desk project and required redirection to IDP2 (Azure AD). The complexity increased due to redirections being handled by HAProxy, necessitating precise control over when and how SSO was triggered. SSO had to be enforced only for URL1 within Jira, but both URLs needed SSO support for Jira Service Desk. The solution also needed to ensure accurate user redirection based on the accessed URL and target project, all while preventing incorrect SSO triggers during proxy-level redirections.
Solutions we provided to Repario
OAuth/OIDC SSO
After thoroughly understanding Repario unique requirements, miniOrange delivered a customized version of the Jira OAuth/OIDC SSO plugin equipped with advanced Custom Base URL Redirection capabilities. The tailored solution allowed configuration of custom base URLs for both URL1 and URL2, enabling precise URL-based redirection rules to initiate the appropriate SSO flow—Okta (IDP1) for URL1 and Azure AD (IDP2) for URL2. It also offered full compatibility with HAProxy-based proxy setups and included project-specific redirection logic to ensure users were directed to the correct Jira Service Desk projects. This resulted in a seamless and reliable SSO experience across both identity providers and URLs.
How It Works
The Jira SSO plugin intelligently detects the incoming request URL and, based on the configured Custom Base URL Redirection settings, automatically determines the appropriate identity provider for authentication. When users access URL1, they are seamlessly redirected to Okta (IDP1), while access via URL2 triggers redirection to Azure AD (IDP2). After successful authentication, users are returned to their respective Jira project pages without any manual intervention. Additionally,the plugin ensures that group memberships are dynamically synchronized during the login process, maintaining accurate user permissions across the platform.
Key Benefits
- URL-Based SSO Routing: Enabled IDP-specific login flows for each Jira URL using custom redirection rules.
- HAProxy Compatibility: Worked seamlessly within existing proxy-based infrastructure.
- Accurate Project Redirection: Directed users to the correct Jira Service Desk project post-login.
- Controlled SSO Triggers: Avoided incorrect authentication flows by isolating Jira and Service Desk behavior.
- Smooth Multi-IDP Experience: Delivered consistent, secure access via Okta and Azure AD.
- Real-Time Group Sync: Maintained accurate access control through dynamic group assignment.
Every Jira setup is unique—and so are the solutions. For Repario, our custom SSO integration was the perfect fit. What about you? Is your Jira SSO setup working for your business needs?
Repario need for a seamless, dual-IDP SSO experience across multiple Jira URLs was met with precision and adaptability through miniOrange’s customized solution. By implementing custom base URL redirection, project-specific routing, and full HAProxy support, we enabled Repario to achieve a smooth and secure SSO workflow with both Okta and Azure AD. The result was a tailored, enterprise-grade integration that not only respected their technical architecture but also elevated their user experience. Whether you’re managing a complex infrastructure or simply aiming for smarter authentication, our solutions evolve with your needs—just like they did for Repario.
