Hello there!

Need Help? We are right here!

support
miniOrange Support

Thanks for your inquiry.
One of our representatives will get in touch with you shortly via email.






Single Sign-On for JIRA using Fiede

About Fiede

Fiede is a joint electronic identity system for students and educators to access web services for their daily work. Its ability to allow various educative applications to register and set up Single Sign-On to them, with different protocols, makes it much simpler to use for professionals. Also, strong security concern of not disclosing credentials, even though the user is using so many applications, makes it reliable for Fiede registrants.

Challenge

In Fiede, the user stays logged in during the entire session of using different service applications. Many times JIRA has user accounts of the educational organization, through which user may try to log in. JIRA has multiple features which allow Single Sign-On, but it lags an integration which allows JIRA and Fiede applications to sync with each other.

Solution

miniOrange has created an integration which can help to offer seamless service to JIRA users. miniOrange JIRA SAML plugin provides the necessary integration which allows Single Sign-On to set up and JIRA and Fiede application accounts can easily sync.



Configuring-jira-sp-plugin
Hello there!

Need Help? We are right here!

support
miniOrange Support

Thanks for your inquiry.
One of our representatives will get in touch with you shortly via email.

Steps to configure JIRA SP Plugin :

Step 1: Download and installation

  • Login as administrator in JIRA.
  • Click the admin dropdown and choose Add-ons.
  • The Manage add-ons screen loads.
  • Click Find new add-ons from the left-hand side of the page.
  • Locate miniOrange SAML Single Sign-On for JIRA via search.
  • Results include add-on versions compatible with your JIRA instance.
  • Click Install to download the add-on.


Step 2: Installing the plugin

  • After switching from test instance to production instance, obtain plugin configuration from the download plugin settings tab given.

Step 3:Service Provider Info

  • Click on Service Provider Info button after installing the add-on.
  • Download guide for the IDP from the dropdown given in Configure Identity Provider.
  • Download metadata to upload SP details in IDP. Optionally add signing and encryption certificate to metadata. OR Copy values to manually add in IDP.
  • Replace URL value in SP Base URL if server URL is different.
  • Also, import IDP metadata and note the information regarding X.509 certificate, IDP entity id, Single Sign-On service URL and so on and keep it handy.

Step 4: Configuring the Identity Provider

  • Using IdP information user could add details in Configure IDP.
  • Provide the required settings (i.e. IDP Entity ID, IDP Single Sign-On Service URL, X.509 certificate) in the plugin and save it OR upload metadata given by the IdP by providing URL or XML file.
  • For Example:
IDP EntityID: Obtain this from your IDP
Single Sign On URL: Obtain this from your IDP
Single Logout URL: Obtain this from your IDP
X.509 Certificate: Obtain this from your IDP


OR


Step 5: Test Configuration

  • Click on the Test Configuration button to perform SSO and fetch user attributes from IdP.
  • The below screenshot shows successful test result.
  • This screenshot shows the attributes that are received and are mapped by attribute mapping.

Step 6: Go to User Profile Tab for setting the attributes

  • User Profile helps you to get user attributes from your IdP and map them to JIRA user attributes.
  • Please refer to attributes received in successful Test configuration and use them for User Profile.
  • In User Profile Tab details like username and NameID as shown in step 5 of Test Successful are mapped to Username and Email respectively.
  • Also Full Name or Separate Name( like First and Last Name) attributes are given as options according to JIRA user attributes.
  • While auto registering the users, these attributes will automatically get mapped to your JIRA user details.
  • Clicking Keep Existing User Attributes checkbox will disable attribute mapping for existing users. New users will be created with attribute mapping defined.

Step 7: User Groups

  • JIRA plugin maps groups from your IDP to groups in JIRA.
  • JIRA uses a concept of Groups, designed to give the site owner the ability to control what groups can and cannot do in the site.
  • In Configure user group mapping enter the Attribute Name given against group value of Test Configuration for the user.
  • Clicking Create Users checkbox will allow user creation for only those groups whose group is mapped to JIRA groups in User Groups tab. If unchecked, users whose groups are not mapped to JIRA groups, they will not be allowed to log-in to JIRA.
  • Clicking Restrict user creation checkbox will disable group mapping for existing users. New users will be created with the Default Group or the group assigned to them in mapping.
  • JIRA has two pre-defined groups where users are mapped: JIRA-administrator and JIRA-servicedesk-users.
  • User Groups helps you to assign specific groups to users of a JIRA group from your IdP.

Step 8: SSO Settings

  • In this tab you can enable SSO for JIRA. How users and administrators can log-in using SSO is defined in this tab.
  • Autoredirect and secure login options can be set up.

Step 9: Certificates

  • For sending signed or/and encrypted SAML requests, certificates can be set in IDP. These can help to identify the user.

Step 10: Templates

  • Custom templates can be set up. Error message template and custom logout template.

We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention and much more.

Please call us at +1978 658 9387 (US), +91 77966 99612 (India) or email us at info@xecurify.com


For further details refer :
https://www.feide.no/sites/feide.no/files/documents/feide_integration_guide.pdf
https://www.feide.no/sites/feide.no/files/documents/feide_technical_guide.pdf



We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention and much more.

Please call us at +1978 658 9387 (US), +91 77966 99612 (India) or email us at info@xecurify.com