HOWTO: Using an OpenID Connect to integrate with Okta

OpenID Connect for Atlassian Data Center applications

On this page

Still need help?

The Atlassian Community is here for you.

Ask the community

Default behavior

Your Atlassian application looks for the username within the ID token which is sent by the OpenID Provider (IdP). This token consist of a set of attributes called claims. One of the claims, sub, is by default used to determine one’s username. Some IdPs, however, don’t use the sub

 claim for passing on the username. In such cases, you must must point your Atlassian applications to a custom claim which contains the username.

Using custom claim as the username

For some IdP configurations, the username might be passed in a claim different than sub. For example Okta includes a username in the preferred_username claim. To integrate your application with Okta, you need to set this custom claim in the configuration view.

Reverting to defaults

To revert the configuration change, clear the Username claim field. The default sub claim will be in used.

Last modified on Mar 28, 2024

Was this helpful?

Provide feedback about this article
Powered by Confluence and Scroll Viewport.