<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D51Y000091Kt9lSACOkta Classic EngineIntegrationsAnswered2024-12-20T09:00:23.000Z2020-07-27T11:51:31.000Z2020-07-29T22:55:28.000Z

zov2r (zov2r) asked a question.

July 27, 2020 at 11:51 AM
Jira on prem issue - login page

Hi,

I configured everything according to the on prem guide, but when i try to access Jira from Okta it leads me to the login page of Jira and asks me to insert a username and password and it doesn't connect the user via SSO , i also configured LDAP server in Okta so all my Okta's users will be available in Jira when i try to test out the SSO.

Why the SSO doesn't work?

 

P.S

"Automatically log in when user lands on login page" is enabled

Application username format is set to "Okta username"

  • 6 answers
  • 1.25K views

  • AndrewM.53141 (Okta)

    Hi @zov2r (zov2r)​ - one thing I recall from one customer is, in the seraph config, when specifying the jira url value, there were problems using a custom url, had to revert back to the default jira url.

     

    Would also recommend running a fiddler trace when replaying that issue. I have seen that uncover things like attribute mismatches in the past.

     

    -Andrew

    Expand Post
    Selected as Best

      • User15851122134349081871 (North Central-Enterprise)

        My only guess is that something's incorrect in the okta-login.jsp file you created during those steps, or with the Okta plugin in your browser. You're being redirected to the Jira login page, and that's one of the outcomes explained in the last section of the guide: "First the Okta plugin is consulted to determine if the request should be handled by Okta or by the native JIRA login page. If the request should be handled by Okta, the user's browser is redirected to Okta and the appropriate RelayState is appended so that Okta can redirect the user back to JIRA once they have successfully logged in. Otherwise the user's browser is redirected to the login.jsp page of JIRA.

        Expand Post

      • zov2r (zov2r)

        Another thing i noticed is when i go directly to the login page of Jira it redirects me to my Okta's SSO uri, with the message of "Sorry, you can't access Atlassian Jira Server because you are not assigned this app in Okta." but my user is assigned with the Jira application in Okta.

  • AndrewM.53141 (Okta)

    Hi @zov2r (zov2r)​ - one thing I recall from one customer is, in the seraph config, when specifying the jira url value, there were problems using a custom url, had to revert back to the default jira url.

     

    Would also recommend running a fiddler trace when replaying that issue. I have seen that uncover things like attribute mismatches in the past.

     

    -Andrew

    Expand Post
    Selected as Best

  • AndrewM.53141 (Okta)

    Also, here are some other notes I have taken from a similar issue when I was involved with this 6 months back (I was only an observer):

     

    • Mismatch in app username between Okta and Jira - this was later resolved during testing
    • Converted user app assignment from individual to group based in Okta
    • Changed group attribute assignment from reg-ex to 'starts with' value "ACCESS-APP-JIRA" in Okta SAML config
    • Change group attribute name from groupName to groups in Okta SAML config
    Expand Post
This question is closed.
Loading
Jira on prem issue - login page