Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
6.2.x release notes
What's new
- Enhancements in User Sync, see 2.6.x release notes.
- Configuration changes are tracked in the audit log now.
- Redirection for SSO can now be limited to specific Jira Service Management portals.
- Minor improvements and bug fixes.
Upgrade consideration
No special considerations apply to this update.
Data Center
This version is fully compatible with Jira, Confluence, Bitbucket, and Bamboo Data Center.
Changelog
6.2.5
Released on 12 January 2023 for Jira, Confluence, Bitbucket and Bamboo (Server and Data Center).
Fix a medium level security vulnerability potentially allowing replay attacks, see https://wiki.resolution.de/doc/saml-sso/latest/jira/security-advisories/2023-01-12-response-can-be-replayed-with-modified-id-when-only-the-assertion-is-signed.
6.2.4
Released on 30 November 2022 for Confluence (Server and Data Center).
Changes specific to Confluence
Fixed compatibility with Confluence 8.0.0.
6.2.3
Released on 24 November 2022 for Jira, Confluence, Bitbucket, and Bamboo (Server and Data Center).
- Fixed issue where changes on the plugin configuration were not written to the audit log under special circumstances.
- Fixed base64url decoding of OIDC tokens.
- Updated jackson dependecies to latest versions.
Changes specific to Jira
- Fixed validation when using redirection to specific Jira Service Management portals.
Changes specific to Confluence
None
Changes specific to Bitbucket
- None
Changes specific to Bamboo
- Restored full support for Bamboo 9. Update from remote directories is now working again like in older Bamboo versions.
6.2.2
Released on 27 October 2022 for Jira, Confluence, Bitbucket, and Bamboo (Server and Data Center).
- SAML Single Sign-On 6.2.2 comes with the User Sync 2.6.2 release, see 2.6.x release notes
- Fixed flickering tracker view.
- "Use inline Javascript in POST binding form" is now the default behaviour for new IdPs for the login via POST binding.
Changes specific to Jira
- None
Changes specific to Confluence
None
Changes specific to Bitbucket
- None
Changes specific to Bamboo
- Added limited support for Bamboo 9. Update from remote directories is currently not available. The login for newly created users in remote directories will only be possible after the directory has beend syned with Bamboo. If the option is enabled a warning is shown in the admin interface.
6.2.1
Released on 4 October 2022 for Jira, Confluence, Bitbucket, and Bamboo (Server and Data Center).
- SAML Single Sign-On 6.2.1 comes with the User Sync 2.6.1 release, see 2.6.x release notes
- Fixed issue in WebSudo confirmation screen.
Changes specific to Jira
- None
Changes specific to Confluence
None
Changes specific to Bitbucket
- None
Changes specific to Bamboo
- None
6.2.0
Released on 27 September 2022 for Jira, Confluence, Bitbucket, and Bamboo (Server and Data Center).
- SAML Single Sign-On 6.2.0 comes with the User Sync 2.6.0 release, see 2.6.x release notes
Fixed intermittent failures to add users to groups during SSO login.
Fixed failing tests in IdP wizard due to a space character in the end of the test URL.
- Fixed migration from XML based configuration when upgrading from very old plugin versions.
- Track configuration changes in the audit log.
- Changed logging messages regarding AnalyticsConfigService from level ERROR to DEBUG.
- Fixed that users from delegated LDAP directories were updated even if user update is disabled in the directory configuration.
- The original URL is now included in the last 50 trackers in the support information.
- Fixed failing WebSudo confirmation when closing the popup window automatically is blocked by the browser.
- Fixed showing "SAML POST Binding in progress..." in link previews to SAML enabled instances.
- URL characters considered as illegal can now be configured.
Changes specific to Jira
- Allow limiting redirection to SSO to specific Jira Service Management portals.
Changes specific to Confluence
None
Changes specific to Bitbucket
- None
Changes specific to Bamboo
- None