Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
The signed in user is not assigned to a role for the application
Problem
When using SSO for Jira Data Center or SSO for Confluence Data Center with Azure AD you might receive an error from Azure after providing the username and password:
The signed in user is not assigned to a role for the application
AADSTS50105: The signed in user 'azure-username' is not assigned to a role for the application 'a33eedec-d848-4552-bb59-af60a2aeb63c'(name-of-the-sso-enterprise-app in Azure).
Solution
If you don't allow all users to access the SAML SSO for Atlassian Data Center app via Azure (described in all of our Azure AD SSO setup guides,
i.e. here: Azure AD Enterprise app configuration), the user must be directly added to the SSO app you've created.
In the below screenshot User assignment required is enabled (usually we recommend to disable it)
If you need to keep these settings, you'd need to assign the users via Users and groups
As this can become quite an effort when managing many users, Azure also allows that for groups, but not with every Azure AD subscription plan.