Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
How to do Git operations with Bitbucket and SAML SSO
The SAML SSO app for Bitbucket Data Center is a web based application. Like any other Bitbucket SAML app, it does not allow authentication via command line tools.
In general, we recommend using a SSH keys (https://confluence.atlassian.com/bitbucket/set-up-an-ssh-key-728138079.html) or personal access tokens (https://confluence.atlassian.com/bitbucketserver/personal-access-tokens-939515499.html)for authentication.
SSH keys for authentication and personal access tokens do belong to a user, but don’t need to be changed,
if a user is renamed, so they can also be used with other external directories, like LDAP/ a Jira- or Crowd based directory)
Depending on your setup, there are different possibilities to perform Git operations with your Bitbucket Data Center, running the SAML SSO app:
If you are using external LDAP synchronization to sync & update users
In this case, credentials will be synchronized to your Bitbucket Data Center instance, so the users can use their known username/ password for all Git operations
If you are using user creation and update provided by the SAML SSO app
If you are using the "User Creation and Update" function of our app, users won't really receive a password, as this is intended to be managed on the IdP only.
To enable the users to perform Git operations, there are three options:
- Best practice: use SSH keys for authentication, see https://confluence.atlassian.com/bitbucket/set-up-an-ssh-key-728138079.html
- Alternatively, users can create personal access tokens for Git operations and REST requests, see https://confluence.atlassian.com/bitbucketserver/personal-access-tokens-939515499.html
This feature was introduced in Bitbucket Server and Data Center 5.5. Not recommended: set a password for the user (via normal means, either the admin interface or the user himself in his profile),
so that the user can use this password for Git operations on the command line or any other Git client.