Uploaded image for project: 'Atlassian Guard'
  1. Atlassian Guard
  2. ACCESS-1025

Allow trello.com to be used as a relay state URL for IDP-initiated log-in

XMLWordPrintable

    • 19

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      When configuring SAML single sign-on, if the user uses URLs like https://id.atlassian.com, https://start.atlassian.com, and https://example.atlassian.net, this will allow people added to the identity provider to log-in via IDP-initiated log-in to Atlassian products and the account.

      However, if the https://trello.com URL is used as the relay state, this will not authenticate the user to Trello and will require the account to use the Log-in flow, even though it is already authenticated to the Atlassian account.

      Suggestion

      This is a suggestion to allow https://trello.com to be used as the relay state, automatically authenticating accounts, as it would happen with https://id.atlassian.com

      Workaround

      Add the following URL to the Relay state configuration of the identity provider:

      https://trello.com/ensureSession

      This will automatically log the user to Trello.

            [ACCESS-1025] Allow trello.com to be used as a relay state URL for IDP-initiated log-in

            Larry added a comment -

            I should also add that I cannot have both the Atlassian Cloud Azure AD enterprise app and also add a Trello-specific SAML SSO app, because they would have to both share an Entity ID, and would have different certificates. I don't think it's currently possible to keep both apps in one Azure AD.

            Larry added a comment - I should also add that I cannot have both the Atlassian Cloud Azure AD enterprise app and also add a Trello-specific SAML SSO app, because they would have to both share an Entity ID, and would have different certificates. I don't think it's currently possible to keep both apps in one Azure AD.

            Larry added a comment -

            We are using Azure AD. All of our employees use Trello, and two admins use StatusPage.

            All our Azure AD-connected apps are delivered via the Azure My Apps page. I'd really like to get a Trello icon on that My Apps page that logs my users directly into Trello using SSO.

            I've set up Atlassian Cloud with SSO integration to Azure AD, and have that working. But the button says Atlassian Cloud, and drops them in an Atlassian app switcher page.

            I would really prefer not to have to educate our employees about that page, and instead keep them on the Azure My Apps page.

            Please make this possible, thank you.

            Larry added a comment - We are using Azure AD. All of our employees use Trello, and two admins use StatusPage. All our Azure AD-connected apps are delivered via the Azure My Apps page. I'd really like to get a Trello icon on that My Apps page that logs my users directly into Trello using SSO. I've set up Atlassian Cloud with SSO integration to Azure AD, and have that working. But the button says Atlassian Cloud, and drops them in an Atlassian app switcher page. I would really prefer not to have to educate our employees about that page, and instead keep them on the Azure My Apps page. Please make this possible, thank you.

              Unassigned Unassigned
              gdecampos Giuliano C.
              Votes:
              6 Vote for this issue
              Watchers:
              12 Start watching this issue

                Created:
                Updated: