Uploaded image for project: 'Crowd'
  1. Crowd
  2. CWD-5478

Crowd to support SAML as Service Provider

    XMLWordPrintable

    Details

    • Feedback Policy:

      Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Description

      Summary:

      As a Crowd administrator, I would like to use OKTA SSO (SAML) for my Atlassian applications, however, my idea is to have only Crowd integration with OKTA and acting as a bridge app in between OKTA and Jira/Confluence/Bitbucket. This means that if an unauthenticated user logs to Confluence, Confluence sends an authentication request to Crowd and Crowd talks to OKTA to get the SAML Authentication done.

      Scenario:

      • User tries to access Confluence/Jira.
      • They reach Crowd Logon page.
      • They insert their user and password which is authenticated against the information in OKTA.
      • OKTA sends the confirmation to Crowd.
      • Crowd redirects to the application being requested.

       

      How does SAML Works?

      Each application needs to be SAML Versed in order for them to be able to integrate with Okta. The way we establish this is by either using the Connectors provided by Okta (available for Jira and Confluence only) or through third party plugins provided by vendors such as Mini Orange(e.g).

      Once that's done, we integrate those applications with Okta with the aid of those plugins as well. At this point, the applications will know that login requests should go to Okta to be processed and will also know how to read a SAML response accordingly.

      Considerations:

      The scenario explained above seems ambiguous, since both Crowd and Okta in their scenario seem to have the same or very similar proposal which is to act as the IdP. However, even though this is similar, it can be important for some organizations or companies.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              Unassigned
              Reporter:
              jbondan@atlassian.com JayBe
              Votes:
              3 Vote for this issue
              Watchers:
              5 Start watching this issue

                Dates

                Created:
                Updated: