Supported SSO methods

The miniOrange SSO SAML Plugin provides below 2 methods for authentication and authorization of users.

  1. SAML Single Sign On
  2. Header based Authentication

SAML Single Sign On

Security Assertion Markup Language (SAML) is an XML based protocol. It is used for authentication and authorization of users.

How it works:

SAML single Sign on flow

  • User request for the resource or tries to log in the application using their Identity Provider. We will take the example of login into Jira using Azure AD (IDP).
  • An authentication request is generated from Jira to Azure AD.
  • The user is redirected to the Azure AD for validation.
  • User will be authenticated with their Azure AD credentials if they aren’t already logged in.
  • Azure AD sends back the SAML Response containing assertions.
  • A login session will be created for the same user in Jira by validating response.
  • The user’s access can be restricted based on these assertions.

Header based Authentication

Header based authentication can be extensively used when your Atlassian instance (E.g. Jira) runs behind a proxy.

  • The proxy server will send the username attribute in the HTTP Header.
  • The Atlassian application will recognize the attribute and create a login session accordingly.