Are EasySSO Server Licenses Still Available to Purchase?
Azure Configuration
Inside Microsoft Azure open Enterprise Applications
- Click on "New application"
- In the search bar enter 'EasySSO'
- Select the application that matches your platform. The rest of the example will continue with EasySSO for Jira
- Click "Create"
- You will be automatically navigated to the Overview page for the enterprise app you have just created
- On the EasySSO Overview page
- On the toolbar on the left-hand side of the page, click on "Single sign-on"
- On the Single Sign on page
- Select the rectangle box that says "SAML"
- Click "No, I'll save later"
- In the "Basic SAML Configuration" box, click on 'Edit' on the top right-hand corner
- On the Basic SAML configuration edit panel
- Set Identifier (Entity ID) URL to https://<YOUR ATLASSIAN SERVER BASE URL>/plugins/servlet/easysso/saml
- Set URL to https://<YOUR ATLASSIAN SERVER BASE URL>/plugins/servlet/easysso/saml
- Set Sign on URL (Optional) URL to https://<YOUR ATLASSIAN SERVER BASE URL>/plugins/servlet/easysso/saml
- Set URL to https://<YOUR ATLASSIAN SERVER BASE URL>/plugins/servlet/easysso/saml
- Set Logout URL (Optional) URL to https://<YOUR ATLASSIAN SERVER BASE URL>/plugins/servlet/easysso/saml
- Click Save
- Set Identifier (Entity ID) URL to https://<YOUR ATLASSIAN SERVER BASE URL>/plugins/servlet/easysso/saml
- In the Single sign-on page, under the SAML Certificates, copy the App Federation Metadata Url
EasySSO Configuration
- Open EasySSO and select SAML
- On the SAML configuration screen make sure Enable SAML is ticked
- Click the Certificates tab
- On the Certificates page
- Next to Load Metadata ensure the URL option is selected
- In the IdP Metadata URL text box, paste the copied App Federation Metadata Url copied earlier
- Click Load Certificate
- Click Save
- On the General page
- Configure settings for New Users which are logging in for the first time from the SAML provider, based on your needs
- Configure settings for Existing Users which have previously logged in, based on your needs
- Configure Default groups for Users to ensure that logged in users are provisioned with the correct groups and permissions
- Click Save
Add Signing and Validation (Optional)
This will also allow for Single Logout (SLO) and IdP initiated logout.
EasySSO Configuration
- On the Certificates page
- Click the Generate Certificates button
- Paste the contents of the SP Signing certificate into a text file and then change the filename to cert.cer
- Remove the header (-----BEGIN CERTIFICATE-----) and footer (-----END CERTIFICATE-----)
- On the General page
- Make sure Sign SP Login request is ticked
- For Logout Binding Type select POST
- Copy POST Binding URL and paste into Single Logout URL text box
- Make sure Sign SP Logout request is ticked
- Make sure Sign SP Logout response is ticked
- Make sure Verify SP Logout Request Signature is ticked
- Make sure Verify SP Logout Response Signature is NOT ticked
- Click Save
- Make sure Sign SP Login request is ticked
Azure Configuration
Inside Azure Enterprise Applications - EasySSO
- On the Single sign-on panel for EasySSO
- On the SAML Certificates Verification certificates (optional), click Edit
- On the Edit page for Verification certificates (optional)
- Make sure Require verification certificates is ticked
- Make sure Allow requests signed with RSA-SHA1 is ticked
- Click the Upload certificate button and upload the previously saved cert.cer file
- Click Save
You've completed the configuration of EasySSO SAML with Azure!
For more customisation options, check out EasySSO with SAML - Configuration.