Atlassian SAML Handbook

Service Provider Info

The Service Provider Info tab provides the SAML Service Provider metadata. This metadata is used to add your Atlassian application as a Service Provider/Relying Party in the SAML IDP.

IDP Setup Guides: Choose your SAML IDP to find the step-by-step guide to configure the miniOrange add-on with the IDP for SAML Single Sign-On. If your IDP is not listed here, please contact us for support.

Service Provider Metadata Information:

Metadata URL: <Application Base URL>/plugins/servlet/saml/metadata

The Metadata URL provides the application’s SAML metadata, which can be used to configure the application in the IDP as a service provider in one go.

The metadata can also be changed to include or exclude the signing and encryption certificates. Depending on the features supported by the IDP, the plugin can sign the request and decrypt authentication responses for better security and stronger validation.

  • Include Signing Certificate in Metadata: If enabled, the public certificate of the plugin will be added to the Service Provider Metadata, and the IDP will use it to verify the signature on the SAML Request from the application.
  • Include Encryption Certificate in Metadata: If enabled, the public encryption certificate of the plugin will be added to the Service Provider Metadata, and the IDP will use it to encrypt the SAML Response.

Configure IDP manually:

Copy the required fields, such as SP Entity ID, ACS URL, Audience URI, Recipient URL and Destination URL, and paste them into your IDP SAML configuration to add the application as a SAML Service Provider.
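The following added example (not miniOrange or Atlassian code) reads a copy of the SP metadata and reports the Entity ID and ACS URL to copy into the IDP, plus whether the signing and encryption certificates described above are actually published. It relies only on standard SAML 2.0 metadata elements; the sample document, its entityID, ACS URL and certificate text are constructed placeholders, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: entityID, ACS URL and certificate body are placeholders.
SAMPLE_METADATA = """
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://jira.example.com">
  <md:SPSSODescriptor AuthnRequestsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDER-CERT</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://jira.example.com/ACS-PATH-PLACEHOLDER"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def summarize_sp_metadata(xml_text):
    """Extract the fields an IDP admin copies, plus which key uses are advertised."""
    if "<!DOCTYPE" in xml_text.upper():
        raise ValueError("DTDs are not expected in SAML metadata; refusing to parse")
    root = ET.fromstring(xml_text)
    sp = root.find("md:SPSSODescriptor", NS)
    if root.tag != "{%s}EntityDescriptor" % NS["md"] or sp is None:
        raise ValueError("document is not SAML SP metadata")
    uses = set()
    for kd in sp.findall("md:KeyDescriptor", NS):
        if kd.find(".//ds:X509Certificate", NS) is None:
            continue  # descriptor publishes no certificate
        # A KeyDescriptor without a 'use' attribute applies to both purposes.
        uses.update([kd.get("use")] if kd.get("use") else ["signing", "encryption"])
    acs = [a.get("Location") for a in sp.findall("md:AssertionConsumerService", NS)]
    return {
        "entity_id": root.get("entityID"),
        "acs_urls": acs,
        "requests_signed": sp.get("AuthnRequestsSigned") in ("true", "1"),
        "signing_cert": "signing" in uses,
        "encryption_cert": "encryption" in uses,
    }

def review(summary):
    """List gaps between what the metadata publishes and the two certificate options."""
    notes = []
    if summary["requests_signed"] and not summary["signing_cert"]:
        notes.append("requests are signed but no signing certificate is published")
    if not summary["encryption_cert"]:
        notes.append("no encryption certificate: IDP cannot encrypt the response")
    return notes
```

Run it against the document served at the Metadata URL after toggling either certificate option to confirm the IDP will see the change.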

Configure Service Providers URLs (Optional)

Administrators can change their SP Base URL and SP Entity ID.

  • SP Base URL: If your Atlassian application is running behind a proxy, your IdP will need the proxy SAML endpoint. You can update the SP (Service Provider) Base URL accordingly. Updating this also updates the URLs in the metadata, so the SP information has to be re-configured in the IDP. By default, it is set to the current Base URL of your Atlassian application.
  • SP Entity ID: It is also referred to as the Issuer. It is used by the Identity Provider to uniquely identify your Atlassian application.

Import IdP Metadata: Once you have configured your Atlassian application as a SAML Service Provider in the IDP, the IDP will provide you with the IDP SAML Metadata XML file, a Metadata URL, or the information given below. This information is used to configure the SAML Identity Provider in the Configure IDP tab of the plugin.

  1. IdP Entity ID or Issuer
  2. Single Sign-On Service URL
  3. Single Logout URL (optional)
  4. NameID Format (by default selected as unspecified)
  5. X.509 Signing Certificate (IDP Signing Certificate)