How to switch SAML from the primary to the secondary authentication method in Jira Database

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the server and data center platforms.

Purpose

Sometimes user may need to bypass SAML as the primary authentication method in JIRA and set it to be secondary authentication method for troubleshooting purposes. In the UI you can change the setting by going to ⚙ > System > Authentication Methods and set the toggle under the Show on login page column for the Username and password login option.

Solution

  1. Create a backup before proceeding with the steps below.

    Always back up your data before performing any modifications to the database. If possible, test any alter, insert, update, or delete SQL commands on a staging server first.

  2. Connect to JIRA Database.
  3. Check current configuration to see if JIRA is using SAML as primary authentication:

    1. Get the ID for the com.atlassian.plugins.authentication.samlconfig.redirect-on-login properties by running below query:

      (info) For newer versions of Jira (8.6.x) we should use property com.atlassian.plugins.authentication.sso.config.redirect-on-login

      select id from propertyentry where property_key='com.atlassian.plugins.authentication.samlconfig.redirect-on-login';
    2. Run below query with the ID from above query:

      select * from propertystring where id=<ID_FROM_PREVIOUS_QUERY>; 
    3. If the result return under propertyvalue column is true, then JIRA is using SAML as primary authentication.
  4. To switch to SAML SSO from the primary to the secondary authentication method, run the following query:

    update propertystring set propertyvalue = 'false' where id=<ID_FROM_PREVIOUS_QUERY>;
  5. Verify the change was implemented by running the following query (result should read 'false' under propertyvalue column)

    select * from propertystring where id=<ID_FROM_PREVIOUS_QUERY>; 
    jira460=# select * from propertystring where id=10916;
      id   | propertyvalue
    -------+---------------
     10916 | false
  6. Restart JIRA for the change to take effect.
  7. After restart, you can login to JIRA using normal method of username and password.



DescriptionHow to switch SAML from the primary to the secondary authentication method in Jira Database
ProductJira

Last modified on Jun 13, 2022

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.