How to Configure Google Single Sign On with Jira Align

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community


Summary

This article shows the steps required to configure Google IDP for Single Sign-On with Jira Align

Environment

Jira Align

Solution

Part 1 - Google Settings


  1. Log into https://admin.google.com
  2. Click on Web and Mobile Apps on the left menu

  3. Add App

    1. Click on “Add App"

    2. Click on “Add Custom SAML App"

  4. Enter an App name and description of your choice

    1. Click Next/Continue

  5. Metadata

    1. Click to Download the Metadata

      1. It will be imported on Jira Align in later steps

    2. Take note of the SSO URL,

      1. In this example https://accounts.google.com/o/saml2/idp?idpid=C02wp9bui

    3. Click Next/Continue

  6. Service Provider Details

    1. Set the ACS URL and Entity id with your JIra Align URL

    2. Check the box “Signed Reply"

    3. Set “Name Code format" to “EMAIL"

    4. Set “Name id" to “Basic Information > Primary Email"

    5. Click Next/Continue

  7. It is not required to add an Attribute mapping, click on Conclude

  8. Now on the SAML App you just created, take note of the URL, it contains the APP ID

    1. In this example https://admin.google.com/ac/apps/saml/315645158461


Part 2 - Jira Align Settings

  1. Go to Jira Align

  2. Go to Administration > Security

  3. Click on the “Add SAML Provider” button

  4. Copy the content from the GoogleIDPMetadata.xml file you download on Step 5

    1. To copy the content, open the file using any text editor app, select all the text and copy

    2. Paste on the “SAML 2.0 Metadata" text field

    3. Set the “NameID Lookup by" to Email

    4. Click on Save and Close


Part 3 - Testing SAML Login and Sign-In URL


  1. Before Disabling the Manual Sign-In, test the SSO authentication

    1. Access your Google SAML Application

      1. URL you Saved on STEP 8

      2. Similar to the example: https://accounts.google.com/o/saml2/initsso?idpid=C02wp9bui&spid=315645158461

    2. Click on “TEST SAML LOGIN"

  2. Test the URL that will be used as Sign in URL 

    1. The URL must be like the following:
      https://accounts.google.com/o/saml2/initsso?idpid=C02wp9bui&spid=315645158461

    2. About the URL:

      • The IDPID is the id from the URL captured on STEP 5

      • the SPIDP is the ID from the URL captured on STEP 8

      Once you confirm you can log in to Jira Align successfully using the above URL (with the correct IDPID and SPID), you can set the URL to be the Sign in URL on Jira Align


Part 4 - Finishing the Configuration


  1. On Jira Align > Admin > Platform > Security

  2. Change “Disable Manual Sign-in" to “Yes"

  3. on the “Sign In URL" enter the URL tested on STEP 12

  4. Click Save Settings





Last modified on Feb 23, 2024

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.