Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
Crowd and SAML Single Sign On
Crowd is used as a central identity management for all your Atlassian Server and Data Center applications connected with it.
In combination with the SAML Single Sign On app for Server and Data Center, Crowd directory can still be used as user source via synchronization,
while at the same time all users within the Crowd-connected directory are fully supported to authenticate with the Single Sign On app to the Identity provider of your choice.
However, there are three important points to be taken care of:
- Using Crowd with the SAML SSO app doesn't require any additional configuration, unless the Crowd's SSO Authenticator is enabled, which is NOT supported by the SAML SSO app.
An active Crowd SSO Authenticator leads to unexpected authentication issues during the Single Sign On process.
So if the Crowd SSO Authenticator is enabled, please disable it and re-enable the default authenticator:- Jira Server and Jira Data Center – Shut down the application and open JIRA/atlassian-jira/WEB-INF/classes/seraph-config.xml with an editor:
Uncomment "<authenticator class="com.atlassian.jira.security.login.JiraSeraphAuthenticator"/>"
Comment out "
<!--<authenticator class="com.atlassian.jira.security.login.SSOSeraphAuthenticator"/>-->"Inverted way of Integrating Crowd with Atlassian JIRA - Point 2.2
- Confluence Server and Confluence Data Center – Shut down the application and open CONFLUENCE/confluence/WEB-INF/classes/seraph-config.xml with an editor:
Uncomment "<authenticator class="com.atlassian.confluence.user.ConfluenceAuthenticator"/>"
Comment out "
<!--<authenticator class="com.atlassian.confluence.user.ConfluenceCrowdSSOAuthenticator"/>-->"Inverted way of Integrating Crowd with Atlassian Confluence - Point 2.2
- Bitbucket Server and Bitbucket Data Center– Shut down the application and open BITBUCKET/shared/bitbucket.properties with an editor:
Delete or Comment out "
plugin.auth-crowd.sso.enabled=trueInverted way of Connecting Bitbucket Server to Crowd - Single sign-on (SSO) with Crowd
- Bamboo – Shut down the application and open BAMBOO/webapp/WEB-INF/classes/seraph-config.xml with an editor:
Uncomment "<authenticator class="com.atlassian.bamboo.user.authentication.BambooAuthenticator"/>"
Comment out "
<!--<authenticator class="com.atlassian.crowd.integration.seraph.v25.BambooAuthenticator"/>-->"Inverted way of Integrating Crowd with Atlassian Bamboo - Point 2.5
- Jira Server and Jira Data Center – Shut down the application and open JIRA/atlassian-jira/WEB-INF/classes/seraph-config.xml with an editor:
- Crowd doesn't enable SSO for all other connected applications with only one single SAML SSO app for Atlassian Data Center or Server installed.
In other words, if the SAML SSO app is for instance only installed in Jira Data Center, SSO is not automatically working on Confluence too, just because Crowd is connected.
The SAML SSO app needs to be installed in every Atlassian Server or Data Center application on which you want to use SSO. - Ensure that users from Crowd have permission to access the application (e.g. default Jira application access group "jira-software-users").
Otherwise Single Sign On fails.