Single Sign On for NASA

Atlassian Crowd Server: Single Sign On and User Identity that’s easy to use

Organizations require data management and security for their own products. While also taking into account the feasibility of the third party products that they use to save time, complexity and improve productivity. Ease of use of products is something which is required by every business in the world.

Use Case – Connect all the Atlassian applications to IDP(Centrify) for SAML Single Sign-on.

NASA was looking for the product having a Single Sign-On (SSO) feature for connecting JIRA, Confluence, BitBucket, and Bamboo together. There was no such product available in the Atlassian marketplace.

Being an existing client of miniOrange, NASA contacted us with the query of connecting these products to the Crowd Server by enabling Single Sign On in its environment. The crowd is used as a central application to manage users and their permissions for all the Atlassian applications, so that every SSO Request/Response from (to) the application should go through the Crowd Server.

Any user accessing the application directly, for example, JIRA should get redirected to the IDP(via Crowd) for authentication. The crowd server will be responsible for SAML authentication, session management, user and group management. Once the user session is created in the Crowd, he/she will be redirected back to the application and logged in. miniOrange provided and listed solutions for this use case on the Atlassian Marketplace.

Solutions We Provided to NASA:

We configured Single Sign-On between Crowd Server and IDP using Crowd SAML SSO Add-On. Installed Crowd SSO Connector in all the Atlassian applications, so as to invoke SSO directly from the application itself.

All SSO requests and responses to and from the IDP will go through the Crowd server. The user authentication will be done by the IDP and Crowd can still be used to manage user permissions. Also, with this flow, End-users will not be able to notice that the SSO request/response to and from IDP passes through the Crowd Server.

miniOrange successfully developed the connector exactly as they needed i.e. “Crowd SAML SSO Add-On and its connector add-ons for Atlassian applications”. By fulfilling the requirements of NASA we were able to include them in our journey of innovations. Being a software security company we know the importance of organization securities and hence build quality and secured products for our clients along with world-class support.

 

Key benefits of the solution to NASA :

  • Moved user authentication form Crowd to secure IAM application without affecting the existing setup.
  • Users are automatically signed into Crowd as well as connected to the Atlassian Applications.
  • Users don’t have to enter their passwords repeatedly.
  • This made environmental setup easy to enforce additional security layers like 2FA on top of user authentication, which is not possible while using Crowd Server as an authentication source.

What miniOrange provides on the crowd server? 

miniOrange provides secure access to Crowd for enterprises and full control over access of applications, Single Sign On (SSO) into Crowd with one set of login credentials.

How does it work?

miniOrange SAML Single Sign On (SSO) Add-On acts as a SAML Service Provider which can be configured to establish the trust between the Atlassian applications and a SAML capable Identity Provider, to securely authenticate the user to the Crowd Server. The Crowd Server is integrated with JIRA, Confluence, Bitbucket and Bamboo in a single server through Crowd SSO connector for Atlassian applications. Which would allow any user landing on these applications to be authenticated from the crowd server. The crowd server was made responsible for SAML authentication from IDP, session management, as well as user and group management. Owing to which we were able to meet the expectations of NASA and became the first in the market in providing these add-on’s together. 

SAML Single Sign on for Crowd is with the best SSO features – SAML add-on that works with all Identity Providers. Users to sign in to Crowd Server with your SAML 2.0 capable Identity Provider. We support all known IdPs – Google Apps, ADFS, Azure AD, Okta, OneLogin, Salesforce, Shibboleth, SimpleSAMLphp, OpenAM, Centrify, Ping, RSA, IBM, Oracle, Bitium, WSO2, NetIQ, miniOrange, etc.

NOTE: SINGLE SIGN-ON CROWD SET UP GUIDE.

In conclusion, marketplaces have many products according to business needs.

For NASA, our product proved to be the best. What about you? Which product is best for you?