Uploaded image for project: 'SAML for Atlassian Data Center'
  1. SAML for Atlassian Data Center
  2. SAMLDC-45

Ability to get metadata from IdP and update them automatically in SAML configuration form

    • Icon: Suggestion Suggestion
    • Resolution: Unresolved
    • Icon: Low Low
    • None
    • None
    • None
    • None

      Summary

      Currently a JIRA admin has to get and update IdP configuration information manually. This is inconvenient in case the information gets modified frequently on the IdP side. In such a case, if the admin fails to update the SAML configuration in time, users may not be able to log in.

      Use Case

      A typical use case is the X.509 Certificate gets renewed from time to time on the IdP side and a JIRA admin has to get and update it in the SAML configuration form. Failing to do so, the login request will be considered Bad (due to certificate mismatch) and users see this message in the GUI when trying to log in:

      We can't log you in right now
      
      This may be for a variety of reasons, we suggest trying again.
      If that doesn't work, contact your JIRA administrator for help.
      

      Environment

      JIRA Data Center 7.4.x and SAML for Atlassian Data Center 2.0.3.

      Suggestion

      JIRA should be able to detect changes from the IdP and have the metadata updated automatically to facilitate the integration process.

            [SAMLDC-45] Ability to get metadata from IdP and update them automatically in SAML configuration form

            Naveen Ravi made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 823515 ]
            Owen made changes -
            Workflow Original: SAMLDC Workflow v2 [ 2444269 ] New: JAC Suggestion Workflow 3 [ 4271278 ]
            Status Original: Open [ 1 ] New: Gathering Interest [ 11772 ]
            KellyW (Inactive) made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 595715 ]
            Glenda Grageda made changes -
            Issue Type Original: Improvement [ 4 ] New: Suggestion [ 10000 ]
            Andy Nguyen (Inactive) made changes -
            Description Original: h3. +Summary+

            Currently a JIRA admin has to get and update IdP configuration information manually. This is inconvenient in case the information gets modified frequently on the IdP side. In such a case, if the admin fails to update the SAML configuration in time, users may not be able to log in.
            h3. +Use Case+

            A typical use case is the X.509 Certificate gets renewed from time to time on the IdP side and a JIRA admin has to get and update it in the SAML configuration form. Failing to do so, the login request will be considered Bad (due to certificate mismatch) and users see this message in the when trying to log in:
            {code:java}
            We can't log you in right now

            This may be for a variety of reasons, we suggest trying again.
            If that doesn't work, contact your JIRA administrator for help.
            {code}
            h3. +Environment+

            JIRA 7.4.x and SAML for Atlassian Data Center 2.0.3.
            h3. +Suggestion+

            JIRA should be able to detect changes from IdP, get the metadata and update them automatically to facilitate the integration process.
            New: h3. +Summary+

            Currently a JIRA admin has to get and update IdP configuration information manually. This is inconvenient in case the information gets modified frequently on the IdP side. In such a case, if the admin fails to update the SAML configuration in time, users may not be able to log in.
            h3. +Use Case+

            A typical use case is the X.509 Certificate gets renewed from time to time on the IdP side and a JIRA admin has to get and update it in the SAML configuration form. Failing to do so, the login request will be considered Bad (due to certificate mismatch) and users see this message in the GUI when trying to log in:
            {code:java}
            We can't log you in right now

            This may be for a variety of reasons, we suggest trying again.
            If that doesn't work, contact your JIRA administrator for help.
            {code}
            h3. +Environment+

            JIRA Data Center 7.4.x and SAML for Atlassian Data Center 2.0.3.
            h3. +Suggestion+

            JIRA should be able to detect changes from the IdP and have the metadata updated automatically to facilitate the integration process.
            Andy Nguyen (Inactive) made changes -
            Description Original: h3. +Summary+

            Currently a JIRA admin has to get and update IdP configuration information manually. This is inconvenient in case the information gets modified frequently on the IdP side. In such a case, if the admin fails to update the SAML configuration in time, users may not be able to log in.
            h3. +Use Case+

            A typical use case is the X.509 Certificate gets renewed from time to time on the IdP side and a JIRA admin has to get and update it in the SAML configuration form. Failing to do so, the login request will be considered Bad (due to certificate mismatch) and users see this message in the when trying to log in:
            {code:java}
            We can't log you in right now

            This may be for a variety of reasons, we suggest trying again.
            If that doesn't work, contact your JIRA administrator for help.
            {code}
            h3. +Suggestion+

            JIRA should be able to detect changes from IdP, get the metadata and update them automatically to facilitate the integration process.
            New: h3. +Summary+

            Currently a JIRA admin has to get and update IdP configuration information manually. This is inconvenient in case the information gets modified frequently on the IdP side. In such a case, if the admin fails to update the SAML configuration in time, users may not be able to log in.
            h3. +Use Case+

            A typical use case is the X.509 Certificate gets renewed from time to time on the IdP side and a JIRA admin has to get and update it in the SAML configuration form. Failing to do so, the login request will be considered Bad (due to certificate mismatch) and users see this message in the when trying to log in:
            {code:java}
            We can't log you in right now

            This may be for a variety of reasons, we suggest trying again.
            If that doesn't work, contact your JIRA administrator for help.
            {code}
            h3. +Environment+

            JIRA 7.4.x and SAML for Atlassian Data Center 2.0.3.
            h3. +Suggestion+

            JIRA should be able to detect changes from IdP, get the metadata and update them automatically to facilitate the integration process.
            Andy Nguyen (Inactive) made changes -
            Affects Version/s Original: 2.0.2 [ 64602 ]
            Andy Nguyen (Inactive) created issue -

              Unassigned Unassigned
              vdung Andy Nguyen (Inactive)
              Votes:
              10 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated: