SSO, single sign-on, is a property of access control of multiple related but independent software systems. With this property, you can log in once and gain access to all systems without logging in again at each of them.
To configure the SSO in Jira Align:
- If you’re using the new navigation, select the Settings gear in the top navigation bar. If you’re using the old navigation, select Administration in the left Nav menu.
- On the left side of the page, select Platform in the Settings section.
- Select the Security tab.
The following SSO settings are configurable:
- Enable SSO. Allows the processing of single sign requests when enabled.
- Disable Manual Sign In. Controls if the users can access the application by manually signing in through the login page or by using the SSO. The default value is set to No. It is always set to No if the Enable SSO option is set to No. You can set the Disable Manual Sign In option to Yes only when the Enable SSO option is set to Yes. When the manual sign in is disabled:
- Such security settings as Minimum Password Length, Minimum Password Uppercase, Minimum Password Numeric Characters, and Temporary Links Expiration (Hours) are disabled.
- The Resend Password link in user properties in Administration > People > User details and in user’s profile is disabled.
- Login page is not available for users.
- Users created while the manual sign in is disabled do not receive a New User Setup email.
- SAML 2.0 Identity Providers. Allows you to use a SAML 2.0 Identity Provider to implement SSO. To add your SAML 2.0 Identity Provider, click Add SAML Provider, then copy and paste the SAML 2.0 Metadata XML. Under NameID Lookup By, select whether you want to use the Email or External ID field to authenticate Jira Align users by. User's External ID can be set on the Edit User page and synchronized through the external connectors. To save the information, click Save & Close. The SAML 2.0 Metadata will be validated and the entityID will be shown on the Configuration page. You can edit the SAML SSO configuration for the specific Identity Provider by clicking the pencil icon.
- Sign In URL. This option is only available when the manual sign in is disabled. Set this value to an identity provider-initiated SSO URL that you want to direct users to when they try to access Jira Align and are not signed in.
Note: We do not support redirects to other Jira Align pages when users are unauthenticated by SSO.
- Sign Out URL. Set this value to a URL that you want to direct users to when they click Sign Out.