Follow the Step-by-Step Guide given below for Bitbucket Single Sign On (SSO) using Bitium as IdP
STEP 1: Configure Bitium as IdP
- Log into Bitium Admin Portal.
- Once you have logged into your Bitium Admin portal, click on the Manage button in the top navigation bar for your organization, and then click on Manage Apps.
- In the top right corner, click on Add More Apps. You will see a search box, then search for Custom SAML. Select Custom SAML(SP) and add the app to your Bitium account.
- Here we will start configuring SSO. First, rename your page as Bitbucket, site address and type of account. Once you are done, click on Install App.
- On the next screen, click on Configure Single Sign-On.
- Here, we will exchange a few values between Bitium and Bitbucket.
|SAML URL ||Copy/Paste ACS URL from Configure IDP tab |
- Click on Save.
- Copy the following URL/Endpoints. These will be required while configuring the plugin. Copy the X.509 Certificate text area value and keep it handy.
- Now, assign the Bitbucket app to your users in the Apps Overview section.
STEP 2: Configure Bitbucket as SP
- Go to Configure SP Tab in miniOrange SAML Plugin and enter the following details:
|IDP Entity ID:
||Entity ID from the Single Sign On tab in Bitium
||Single Sign On URL:
||Login URL from the Single Sign On tab in Bitium
|Single Logout URL:
||Logout URL from the Single Sign On tab in Bitium
||Paste the X.509 Certificate value from Single Sign On tab in Bitium
- In miniOrange SAML plugin, go to Attribute Mapping tab. Enter the following values:
||Name of the username attribute from IDP (Keep Username as NameID by default)
||Name of the email attribute from IDP (Keep Email as NameID by default)
||Name of the firstname attribute from IDP
||Name of the lastname attribute from IDP
- Go to Group Mapping tab. Enter the following values:
You can check the Test Configuration Results to get a better idea of which values to map here.
||Name of the Group attribute from IDP
Under the Group Mapping Section, configure which GROUP value coming in the SAML response needs to be mapped to which group. The Group value coming in the SAML response will be mapped to the Group assigned here and the user will be assigned that group.
- Go to Sign In Settings tab. Enable auto-redirect to IDP using Disable Bitbucket login option.
For further details refer :