Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Organization Assignment
Prerequisites
Starting with version 2.2.0, Service Desk customers can be assigned to organizations during SSO.
This only applies to logins with a request-URL containing /servicedesk/customer
You can also also enable SSO redirection for SD customers in the redirection tab of the plugin configuration ("Redirect SD Customer Portal").
Should you test your configuration with a login URL not containing the the above, neither organizations will be created nor assigned.
Configuration
Organization names can either be fixed in the configuration or read from a SAML response attribute.
Reading organizations from SAML reponse attributes
As depicted in the screenshot below, you can specify a custom organization attribute key.
If the IdP metadata contains claim attributes for organization names, these can be selected from a dropdown.
If this is not the case, the dropdown won't be shown.
Adding more organizations
You can also add one ore more organization names to which customers will always be assigned.
Simply use the + button beside "SD Customer Organizations", remove unwanted entries with the - button.
If an organization does not exist, the assignment is skipped unless Add nonexisting Organizations is enabled.
Transforming organization names with regular expressions
You can add one or more rules to transform the organization names from the SAML response according to your requirements.
In the example below the term "org" is replaced with "servicedesk".
By checking "Skip untransformed Organizations" you can prevent untransformed names to be used.
This might be important, if you need to enable "Add non-existing organizations".
Creating organizations with the SAML SSO app
Prerequisites
As mentioned earlier, organizations can be created automatically. For that to work, an administrator user with "JIRA Service Desk" application access must exist.
Only starting with version 3.1.0, the plugin will try to find the first an administrator user with these permission. In older 2.2.x and 3.x versions, it was using the first
to be found. This was sometimes a problem, as it was not guaranteed that the user has service desk application access and hence caused creation and assignment to fail.
Organization creation and service desk projects
As of now, organizations created by the plugin will be assigned to all non-archived service desk projects and only, if the administrator user has access to these
service desks. This is usually the case, unless you have a number of administrator users with limited permissions to some of these projects.
There will be more control over automated creation of service desk organizations in a later version of the plugin.
If you are using the Adaptavist script runner plugin, you could work around that current limitation already today.
You can also remove an organization from a project if you don't want it to be assigned to it or delete the organization completely.
All these actions can be found in the "Customers" section of each Service Desk project.
Please note, that organizations created with the add-on prior version 2.3.4 were not correctly assigned to the Service Desk projects.
You can fix this by manually adding the organization again to your Service Desk project(s).
You'll see that it is already available via autocomplete.
As soon as you did this, even the customers assigned to it with a version prior 2.3.4 will be visible in that organization again.