Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
Individual Metadata URLs per Identity Provider
Problem
We need different SAML SSO to provide specific metadata for our identity providers. This allows e.g. to activate encryption or single logout only for some configurations.
Solution
Starting with SAML SSO 6.3.0, we added the option to have metadata URLs for specific idp configurations, e.g. https://<your baseurl>/plugins/servlet/samlsso/metadata?idp=1 for the idp with id 1.
However, you can still access general metadata via https://<your baseurl>/plugins/servlet/samlsso/metadata, this can also be configured separately.
General Settings
You can find the general metadata options via Service Provider. It allows adding the signing and encryption certificate, as well as the single logout URLs to the metadata.
Additionally, you can set the value for WantAssertionSigned and AuthRequestSigned. Don't forget to save when changing these. Additionally, you must reload the metadata on your identity provider to get the change.
Individual Metadata URL per Identity Provider
With SAML SSO 6.3.x, the metadata options are also available for each identity provider individually. For this, go to Identity Providers and choose your identity provider config.
Next, scroll down to the bottom of the page.
As you can see on the screenshot, the metadata URL has a parameter ?idp=1 to specify to metadata. Don't forget to save and reimport the metadata URL on your identity provider when changing settings here.