How to Configure SAML 2.0 for Jira On Premise SAML
This setup might fail without parameter values that are customized for your organization. Please use the Okta Administrator Dashboard to add an application and view the values that are specific for your organization.
Note: You can find information about JIRA provisioning in our Okta Jira Authenticator Configuration Guide.
- Create okta-config-jira.xml on the Jira server and paste the following configuration into it.
<configuration>
<applications>
<application>
[Metadata]
</application>
</applications>
</configuration>
- Substitute the following text for [Metadata] in the file you just created.
Sign into the Okta Admin dashboard to generate this value.
- Make the following updates to the [jira_webdir]/WEB-INF/classes/seraph-config.xml file.
-
Set the two corresponding param-value tags for the param-name login.url and the param-name link.login.url to the following value.
Sign into the Okta Admin dashboard to generate this value.
-
Locate the logout.url param-name and set the corresponding param-value to the following value.
Sign into the Okta Admin dashboard to generate this value.
-
Locate the <authenticator class=... line, and replace it with the following xml, substituting the path to your okta-config-jira.xml file where indicated.
<authenticator class="com.atlassian.jira.authenticator.okta.OktaJiraAuthenticator">
<init-param>
<param-name>okta.config.file</param-name>
<param-value>/path/to/your/okta-config-jira.xml</param-value>
</init-param>
</authenticator>
- Copy the okta-jira.jar file to the [jira_webdir]/WEB-INF/lib directory.
-
Restart your Jira service.