How to configure SAML SSO for Bitbucket Datacenter with OKTA

Platform Notice: Data Center Only - This article only applies to Atlassian products on the data center platform.

Summary

Step-by-step instructions to enable SAML SSO for Bitbucket Data Center with OKTA.


Environment

Bitbucket Datacenter 6.9.0 and newer


Solution

  1. Install the SSO for Atlassian Server and Data Center plugin from the Marketplace on your Bitbucket Data Center instance.

  2. Create an application in OKTA for your Bitbucket server
    1. Log in to OKTA as an administrator, navigate to Applications, and click Add Application.
    2. Create a new application and select SAML 2.0.
    3. Fill in the general details for the application, such as the application name and logo.
    4. Fill in the Single Sign On URL details, taken from the SAML Authentication tab in the Bitbucket Administration menu.
      Details from Bitbucket UI:


      In OKTA application:

    5. Fill in additional details such as Default Relay State, Name ID format, and Application username from the drop-down, as per your requirements, and click Next.
    6. The next section is the feedback section. Select the appropriate options and click Finish.
    7. You have now successfully created a new application in OKTA for your Bitbucket Data Center instance.
    8. Click View Setup Instructions, which provides the OKTA application details (Identity Provider Single Sign-On URL, Identity Provider Issuer, and X509 certificate) to be configured in the SAML 2.0 app in Bitbucket Data Center.
  3. Configure SAML SSO in Bitbucket
    1. Navigate to the SAML Authentication tab in the Administration menu in the Bitbucket UI.
    2. Configure the SAML SSO settings for Bitbucket with the values provided by OKTA.
    3. Select Login Mode and Remember User Logins as per your requirements. The definitions of the parameters are described in SAML SSO settings for Bitbucket.
    4. Click Save Configuration in the Bitbucket UI to save the SAML SSO configuration.
  4. Assign the users and groups to the application in OKTA for SSO authentication.
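
The three values copied from View Setup Instructions (step 2.8) into the SAML Authentication tab (step 3.2) are the trust anchor for every login, so it is worth checking them before saving. The following pre-flight check is an added example, not part of the original article or of any Atlassian or OKTA tooling; the function name, the sample URL and issuer, and the sample certificate bytes are constructed placeholders, and it assumes the certificate is pasted in PEM form.

```python
import base64
import binascii
import hashlib
import re
from urllib.parse import urlsplit

PEM_RE = re.compile(r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def check_idp_settings(sso_url, issuer, x509_pem):
    """Check the three IdP values before saving them in the SAML Authentication tab.

    Returns (problems, fingerprint): a list of strings and the certificate's
    SHA-256 fingerprint (None if the certificate could not be decoded).
    """
    problems = []
    url = urlsplit(sso_url.strip())
    if url.scheme != "https" or not url.hostname:
        problems.append("SSO URL is not an absolute https:// URL")
    if not issuer or issuer != issuer.strip():
        problems.append("Issuer is empty or has leading/trailing whitespace")
    blocks = PEM_RE.findall(x509_pem)
    if len(blocks) != 1:
        problems.append("expected exactly one PEM certificate, found %d" % len(blocks))
        return problems, None
    try:
        # Drop line breaks and spaces from the paste, then decode strictly.
        der = base64.b64decode("".join(blocks[0].split()), validate=True)
    except binascii.Error:
        problems.append("certificate body is not valid base64 (truncated paste?)")
        return problems, None
    if not der.startswith(b"\x30"):  # an X.509 certificate is a DER SEQUENCE
        problems.append("decoded certificate does not start with a DER SEQUENCE")
    digest = hashlib.sha256(der).hexdigest().upper()
    fingerprint = ":".join(digest[i:i + 2] for i in range(0, 64, 2))
    return problems, fingerprint

# Constructed sample values: placeholder tenant and bytes that are NOT a real certificate.
SAMPLE_DER = b"\x30\x0a" + b"NOT-A-CERT"
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER).decode()
              + "-----END CERTIFICATE-----\n")
SAMPLE_URL = "https://idp.example.com/app/bitbucket/sso/saml"
SAMPLE_ISSUER = "http://idp.example.com/exk-placeholder"

if __name__ == "__main__":
    problems, fp = check_idp_settings(SAMPLE_URL, SAMPLE_ISSUER, SAMPLE_PEM)
    print("problems:", problems or "none")
    print("SHA-256 fingerprint:", fp)
```

The returned fingerprint can be compared with one computed from the certificate file downloaded on the OKTA side, which confirms that the certificate pasted into Bitbucket is the one the application was issued.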

If you have trouble authenticating users, refer to the basic troubleshooting and best practices in our document SAML single sign-on for Atlassian Data Center applications.


Last modified on Apr 8, 2021
