We try to access a Confluence page which contains a '#' in the URL. Access to the URL is possible, however the SAML Single Sign On plugin ignores everything  after the '#'.


We created an anchor (called Boulder-Techniken) inside the page, which can be hyperlinked. To insert the anchor link, we have to type #Boulder-Techniken



The problem exists because the fragment (the part after and including the # character) is not sent to the server. There is also a related upstream bug at Atlassian

The solution would be to instrument the IdP selection page and email IdP selection page with some JavaScript that adds the fragment to the 'redirectTo' parameter that gets sent to the IdP.


Go to SAML Single Sign On Plugin Configuration → Page Templates. Based on your IdP Selection Method you need to modify the IdP Selection Page Template or IdP Selection by Email Page Template.

If in first IdP mode, we need to inject another page into the workflow. When modifying the IdP Selection Template, the a  tags (inside the velocity #foreach loop) need to get the class idpanchor:

#foreach($idp in $idps)
    <a class="idplink idpanchor" href="$idp.ssoUrl">$</a> $idp.description

Also, the following snippet needs to be included wherever (in the IdP Selection Template):

    AJS.$("a.idpanchor").each(function() {
      var idpAnchor = $(this);
      var prevHref = idpAnchor.attr('href');
      idpAnchor.attr('href', prevHref + encodeURIComponent(window.location.hash));

This should make sure, that once the user lands on the IdP selection page, the snippet gets read in JS and the links amended.