Open Keycloak

Select or create a new realm in Keycloak

Copy the link pointing to the SAML 2.0 Identity Provider Metadata

This is a URL of the form: <keycloak-url>/auth/realms/<realm-name>/protocol/saml/descriptor

Open the Atlassian Application

and press on Save


Copy the SP XML, create a new file (e.g. sp.xml), and paste the content into this file

If you don't see the SP Certificate, log out and log in again

Open Keycloak

Select Clients and create a new client

Import the sp.xml file and click on Save

Set Client Signature Required to OFF and save again

Open Atlassian Application

Log out and click the button Login using SAML IDP Server

This should redirect to Keycloak
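
Added example, not part of the original page or of the plugin: a check to run on sp.xml before importing it into Keycloak. It reports the entity ID, the endpoints, and whether a signing certificate and AuthnRequestsSigned are present. The sample metadata is constructed and check_sp_metadata is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Constructed sample (placeholder host, paths and certificate), not real plugin output.
SAMPLE_SP_XML = f"""<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
    entityID="https://atlassian.example.test/sp">
  <md:SPSSODescriptor AuthnRequestsSigned="false"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>PLACEHOLDERCERT</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleLogoutService Binding="{POST}"
        Location="https://atlassian.example.test/sp/logout"/>
    <md:AssertionConsumerService Binding="{POST}" index="0"
        Location="https://atlassian.example.test/sp/acs"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def check_sp_metadata(xml_text):
    """Return (summary, warnings) for SAML SP metadata such as sp.xml."""
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations do not belong in SAML metadata")
    root = ET.fromstring(xml_text)
    sp = root.find("md:SPSSODescriptor", NS)
    if root.tag != "{%s}EntityDescriptor" % NS["md"] or sp is None:
        raise ValueError("not SAML 2.0 SP metadata")
    # A KeyDescriptor without a 'use' attribute applies to signing as well.
    certs = [kd.findtext(".//ds:X509Certificate", "", NS).strip()
             for kd in sp.findall("md:KeyDescriptor", NS)
             if kd.get("use") in (None, "signing")]
    summary = {
        "entity_id": root.get("entityID"),
        "acs_urls": [e.get("Location")
                     for e in sp.findall("md:AssertionConsumerService", NS)],
        "slo_post_urls": [e.get("Location")
                          for e in sp.findall("md:SingleLogoutService", NS)
                          if e.get("Binding") == POST],
        "signing_cert": any(certs),
        "requests_signed": sp.get("AuthnRequestsSigned", "false") in ("true", "1"),
    }
    warnings = []
    if not summary["signing_cert"]:
        warnings.append("no SP signing certificate in metadata")
    if not summary["requests_signed"]:
        warnings.append("AuthnRequestsSigned is not true")
    warnings += [f"non-HTTPS endpoint: {u}"
                 for u in summary["acs_urls"] + summary["slo_post_urls"]
                 if not str(u).startswith("https://")]
    return summary, warnings
```

Call check_sp_metadata(open("sp.xml").read()) on the exported file; the slo_post_urls entry is the value to compare against the "Logout Service POST binding URL" field.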

Single Logout

To enable single logout in Keycloak:

  • Turn on "Front Channel Logout"
  • Enter the logout URL in the "Fine Grain SAML Endpoint Configuration" (see "Logout Service POST binding URL")

  • In the SAML plugin settings, check "Enable single logout"

Further Configuration :
