Jenkins SAML SSO app gives the ability to enable SAML Single Sign-On (SSO) for Jenkins. Here we will go through a guide to configure Single Sign On (SSO) between Jenkins and Simple SAML. By the end of this guide, Simple SAML users should be able to log in and register to Jenkins.
To integrate your Identity Provider (IDP) with Jenkins, you need the following items:
$metadata['__DYNAMIC:1__'] = array(
'host' => '__DEFAULT__',
/* X.509 key and certificate. Relative to the cert directory.*/
'privatekey' => '<YOUR_PRIVATE_KEY_FILE_NAME>',
//eg. RSA_Private_Key.pem 'certificate' => '<YOUR_PUBLIC_KEY_FILE_NAME>',
//eg. RSA_Public_Key.cer
/* Authentication source to use. Configured in 'config/authsources.php'. */
'auth' => '<YOUR_AUTH_SOURCE_NAME>',
);
$metadata['https://example.com/plugins/servlet/saml/metadata'] = array(
'AssertionConsumerService' => 'https://example.com/',
'SingleLogoutService' => 'https://example.com/',
'NameIDFormat' => 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress',
'simplesaml.nameidattribute' => 'mail',
'simplesaml.attributes' => true,
'attributes' => array('mail', 'givenname', 'sn', 'memberOf'),
);
If you don't find what you are looking for, please contact us at support-atlassian@miniorange.atlassian.net or raise a support ticket here.