Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
4.0.x release notes
What's new
Reach 100% accuracy in user attribute mapping from your IdP into the Atlassian application! We have created two new methods to transform attributes.
With SAML SSO 4.0, we made mapping attributes sent by your identity provider easier and more powerful. We added built-in IdP specific transformation presets and common transformations can be chosen with a single click. For advanced use cases, we allow to add custom expression that we will develop within support cases and if that is not enough, you can use transformations based on Groovy scripts.
Please see https://wiki.resolution.de/go/saml4featureOverview for a detailed overview.
Upgrade consideration
- Since SAML Single Sign On 4.0.0 is a major update, please make sure to have backups.
- We have introduced the configuration version 10 with a lot of structural changes. If you are using the unofficial REST API to export, import or modify the JSON configuration, make sure to update your scripts. Please contact our support for more information.
- In previous versions, a successful single user sync with UserSync was enough for the user to be logged in even if you had wrong transformations in the SAML SSO configuration. This has changed now, SAML SSO must be able to find the user with the data from the SAML response.
- If you have any problems after upgrading to version 4.0.0 you can always go back to the latest 3.x release with your old configuration. The old configuration is preserved during the upgrade and is available again as soon as you downgrade to 3.x. If you run into any problems please contact our support.
Data Center
This version is fully compatible with Jira, Confluence and Bitbucket Data Center.
Changelog
4.0.15
Released on 12 January 2023 for Jira, Bitbucket and Bamboo (Server and Data Center).
Fix a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
4.0.14
Released on 25 October 2021 for Jira, Confluence, Bitbucket (Server and Data Center) and Bamboo
This update includes the bugfix release of User Sync 1.9.7.
Changes specific to Jira
None
Changes specific to Confluence
None
Changes specific to Bitbucket
None
Changes specific to Bamboo
None
4.0.12
Released on 29 July 2021 for Jira, Confluence, Bitbucket (Server and Data Center) and Bamboo.
Fixes a critical security vulnerability.
Please update to this version or one of the other fix versions (5.0.5, 3.6.6, 2.5.9) as soon as possible.
Existing customers should have received or will soon receive a mailing with some details. They will be published in a few days.
4.0.11
Released on 26 April 2021 for Jira, Confluence, Bitbucket (Server ❤️ and Data Center) and Bamboo
Fixed login redirection for URLs containing special characters.
Fixed pagination in authentication tracker list.
This update includes the bugfix release of User Sync 1.9.6.
Changes specific to Jira
None
Changes specific to Confluence
None
Changes specific to Bitbucket
None
Changes specific to Bamboo
None
4.0.10
Released on 11 March 2021 for Jira, Confluence, Bitbucket (Server ❤️ and Data Center) and Bamboo
Fixed failing base URL check for absolute URLs.
This update includes the bugfix release of User Sync 1.9.5.
Changes specific to Jira
None
Changes specific to Confluence
None
Changes specific to Bitbucket
None
Changes specific to Bamboo
None
4.0.9
Released on 4 March 2021 for Jira, Confluence, Bitbucket (Server ❤️ and Data Center) and Bamboo
Fixed bug in Just-in-Time Provisioning: groups are no longer created if option “Create groups if they do not exist” is disabled.
This update includes the bugfix release of User Sync 1.9.4.
Changes specific to Jira
None
Changes specific to Confluence
None
Changes specific to Bitbucket
None
Changes specific to Bamboo
None
4.0.8
Released on 4 February 2021 for Jira, Confluence, Bitbucket (Server ❤️ and Data Center) and Bamboo
Fixed possible redirection vulnerability in samlsso servlet and WebSudo servlet.
Fixed metadata import when metadata only contains a REDIRECT login binding.
Fixed tester for “E-Mail Domains”
This update includes the bugfix release of User Sync 1.9.3.
Changes specific to Jira
Fixed non-SSO URL for Service Desk Portal (JSM).
Changes specific to Confluence
None
Changes specific to Bitbucket
None
Changes specific to Bamboo
None
4.0.7
Released on 17 December 2020 for Jira, Confluence, Bitbucket (Server ❤️ and Data Center) and Bamboo
Fixed: login will no longer fail if User Sync lookup fails.
Fixed: automatic metadata refresh no longer leads to invalid configuration.
Fixed: refresh tracker button now working again.
Fixed duplicate X-XSS-Protection headers in samlsso servlet.
Added X-Content-Type-Options header to samlsso servlet.
This update includes the bugfix release of User Sync 1.9.2.
Changes specific to Jira
Added support for organization assignment in Jira Service Management (JSM).
Changes specific to Confluence
None
Changes specific to Bitbucket
None
Changes specific to Bamboo
None
4.0.6
Released on 26 November 2020 for Jira, Confluence, Bitbucket (Server and Data Center) and Bamboo
- Fixed user reactivation when user exists in multiple directories.
- Fixed: groups are no longer removed from non-SAML-created users.
- Changed order or transformations to recreate the behavior of SAML Single Sign On 3.x.
- Fixed the status of the authentication tracker when the users is updated during login.
Changes specific to Jira
Fixed groups assignment for Service Desk customers during Just-in-Time Provisioning.
Changes specific to Confluence
None
Changes specific to Bitbucket
None
Changes specific to Bamboo
None
4.0.5
Released on 19 November 2020 for Jira (Server and Data Center) and Bamboo
Changes specific to Jira
Fixed group assignment in Just-in-Time Provisioning for Service Desk customers.
Changes specific to Bamboo
Fixed: now recreating the JSESSIONID during login.
4.0.4
Released on 17 November 2020 for Jira, Confluence, Bitbucket (Server and Data Center) and Bamboo
- Fixed reactivation during login for users that are not created by SAML.
- Fixed bug in migration that disregarded the "User ID matches NameID" setting.
- Fixed bug that let migration and config import fail if regular expressions are configured.
- Fixed Botkiller issues causing lots of reauthentications.
This update includes the bugfix release of User Sync 1.9.1.
Changes specific to Jira
None
Changes specific to Confluence
None
Changes specific to Bitbucket
None
Changes specific to Bamboo
None
4.0.3
Released on 10 November 2020 for Jira and Confluence (Server and Data Center)
- Fixed several minor UI bugs.
- Fixed bug in Azure attribute mapping preset.
Changes specific to Jira
None
Changes specific to Confluence
None
4.0.2
Released on 4 November 2020 for Confluence Server and Data Center
- Fixed renaming users with empty external_id during SAML Just-in-Time Provisioning.
4.0.1
Released on 2 November 2020 for Confluence Server and Data Center
- Fixed migration from older configuration versions.
4.0.0
Released on 29 October 2020 for Confluence Server and Data Center
- Advanced attribute mapping: Map any attributes from the identity provider to local user attributes, including Confluence user profile attributes.
- Configuration presets for common uses cases and identity providers
- New transformations in addition to regular expressions:
- common transformations as presets (e.g. convert Azure guest users or strip email domains)
- new transformations such as splitting attribute values by separator
- custom transformations with Groovy scripts.
- Define custom Attributes like employee ID to search for your users in the Atlassian app.
- Other improvements & bug fixes:
- Improved Auth Tracker List: ability to search & filter logins, and create a support case in-app
- Bug Eradicated: Literally one bug eradicated in User & Group Sync 1.9.0
- Fixed WebSudo with SAML for Chrome & other browsers enforcing new samesite cookie policies