Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Frequently Asked Questions (FAQ)
Dead link
I'm getting <<Oops, you've found a dead link>> when I try to log in
If you have configured Google provider (or any other to be specific), you then access your JIRA and click the Google button. In return you get HTTP/404 server response and an error page. When inspecting the location bar in the browser you can still see that it is your JIRA's address.
Lets imagine you host your JIRA on https://jira.mycompany.com
You can see that the browser points to https://jira.mycompany.com/o/oauth2/auth?scope=openid+email+profile&response_type=code&state=d3fc17ad-1a4b-4449-8eb6-0d0d3eca9809&redirect_uri=https%3A%2F%2Fjira.mycompany.com%2Fopenid%2Foauth2-callback%2Fgoogle&prompt=select_account&client_id=…
This means that you host JIRA behind a reverse proxy and the proxy rewrote the address back to your JIRA instead of passing it through, because plugin returned following address:
Please fix reverse proxy configuration and the plugin will function properly.
OAuth 2 authentication provider
I'm unable to use my custom OAuth 2 authentication provider
The custom OAuth authentication built into the plugin was created for Google Apps and may not work with some other implementations. If you want to use your own provider and it doesn't work out of the box please contact our Help Center .
I'm getting an HTTP/405 when authenticating with Google Apps
Please make sure to enable Google+ API in Google Developer Console.
I'm getting SSL errors
There are few reasons you might get them:
- you're using a self signed certificate
- you're using a certificate signed by Certification Authorizing that isn't known for the Java version you use
- you're using 2048 bit certificate key which is only supported by latest Java 1.7 and 1.8 releases
Can this plugin synchronize all users or groups?
No, it cannot. It will synchronize users details during authentication only. It does not synchronize users or groups in the background. Also this plugin doesn't act as Crowd User Directory.
Is this plugin compatible with custom SSOSeraphAuthenticator?
No, it is not. Users found that they do not work well together.
Plugin doesn't work in JIRA 7.3.0
If you use recent PostgreSQL release you can face com.atlassian.activeobjects.internal.ActiveObjectsInitException. If you do, please upgrade JDBC driver because the one shipped with JIRA may be to old.
I'm getting <<Oops, you've found a dead link>> when I try to log in
In the event that you have configured Google provider (or any other to be specific), you then access your JIRA and click Google button. In return you get an HTTP/404 server response and an error page. When inspecting the location bar in the browser you can still see that it is your JIRA's address.
Lets imagine you host your JIRA on https://jira.mycompany.com
You can see that the browser points to https://jira.mycompany.com/o/oauth2/auth?scope=openid+email+profile&response_type=code&state=d3fc17ad-1a4b-4449-8eb6-0d0d3eca9809&redirect_uri=https%3A%2F%2Fjira.mycompany.com%2Fopenid%2Foauth2-callback%2Fgoogle&prompt=select_account&client_id=…
This means that you host JIRA behind reverse proxy and the proxy rewrote the address back to your JIRA instead of passing it through, because plugin returned following address:
Please fix the reverse proxy configuration and the plugin should function properly.
How to debug the plugin?
Go to Logging and profiling and use Configure logging level for another package to enable logging for this plugin. Use com.pawelniewiadomski for package name and select TRACE for logging level. Once configured the plugin will log additional information to atlassian-jira.log
For detailed information we please review: https://wiki.resolution.de/doc/saml-sso/latest/jira/troubleshooting/enable-detailed-logging
Logging for OIDC claims and log in
To specifically log for the OIDC claims and the log in process, change the log level for com.pawelniewiadomski to DEBUG.
- Dead link
- OAuth 2 authentication provider
- I'm getting an HTTP/405 when authenticating with Google Apps
- I'm getting SSL errors
- Can this plugin synchronize all users or groups?
- Is this plugin compatible with custom SSOSeraphAuthenticator?
- Plugin doesn't work in JIRA 7.3.0
- I'm getting <<Oops, you've found a dead link>> when I try to log in
- How to debug the plugin?