ADFS side

  1. In Trust Relationships/Relying Party Trusts click "Add Relying Party Trust"
  2. Click Start
  3. Enter the following URL in “Import data about the relying party published online or on the local network”:
    The full form is https://<YOUR ATLASSIAN APPLICATION HOST>:<YOUR ATLASSIAN APPLICATION PORT>/<YOUR ATLASSIAN APPLICATION CONTEXT>/plugins/servlet/easysso/saml/metadata?stopsso=true
    e.g if you are running Jira on custom port 2990 and context /jira: https://testjira.mydomain.com:2990/jira/plugins/servlet/easysso/saml/metadata?stopsso=true
    or if you running on the default HTTPS port 443 and no context: https://testjira.mydomain.com/plugins/servlet/easysso/saml/metadata?stopsso=true
  4. Click Next, edit Display Name
  5. Click Next, configure as you require
  6. Click Next, finish adding the Relying Party
  7. Select the added Relying Party, click “Edit Claim Rules…”
  8. In “Issuance Transform Rules” click “Add Rule”
  9. Select “Send LDAP Attributes as Claims” click Next
  10. Give the rule some name e.g. “Attributes required by EasySSO”
  11. Select Attribute Store (probably Active Directory?)
  12. Add an attribute - select LDAP Attribute “E-Mail-Addresses” from drop-down, and type (don't select from drop-down) the Outgoing Claim Type as “urn:oid:0.9.2342.19200300.100.1.3” (but don’t surround with quotes)
  13. Add an attribute - select LDAP Attribute “Display-Name” from drop-down, and type (don't select from drop-down) the Outgoing Claim Type as “urn:oid:2.16.840.1.113730.3.1.241” (but don’t surround with quotes)
  14. Depending on what you use as the user-id in JIRA or Confluence - email, sAMAccountName or UPN - select a corresponding LDAP Attribute from the drop-down and type (don't select from drop-down) the Outgoing Claim Type as “urn:oid:0.9.2342.19200300.100.1.1” (but don’t surround with quotes)

EasySSO side

Follow the details given on EasySSO with SAML - Configuration

EasySSO articles


Purchase from the marketplace

EasySSO on Atlassian Marketplace

Purchase