Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
Request signing and response encryption
Certificates
The certificate used for signing and encryption is generated automatically during the plugin-installation. It can be replaced or regenerated in the Service Provider-tab.
This certificate is included in the SAML-metadata so that it is available to the Identity Provider after importing metadata. This inclusion can be controlled with the settings.
Include Signing Certificate in Metadata and Include Encryption Certificate in Metadata in the Service Provider-tab.
Signing
SAML Single Sign On can sign outgoing SAML-requests and handle encrypted SAML-responses.
The option to sign requests is set per IdP-configuration with the parameter Sign Authentication Requests and is enabled by default.
Encryption
SAML Single Sign On can decrypt encrypted SAML-responses or assertions. This requires no further configuration on the Plugin as long as the certificate is known to the IdP e.g. by including it in the metadata (see above) or importing it manually.