Page created: 13 Apr 2020 |
Page updated: 8 Feb 2022
To allow PingFederate to act as an identity provider for Atlassian Cloud, create a service provider (SP) connection.
If you only want to use the Atlassian Cloud Provisioner for provisioning, skip these steps.
Tip: You can follow these steps to create a new SP connection, or you can modify an existing connection.
In the PingFederate
administrator console, create a new SP connection:
- For PingFederate 10.1 or later: go to Create Connection. . Click
- For PingFederate 10.0 or earlier: go to Create Connection. . Click
Configure an SP connection with the Atlassian Cloud quick
- On the Connection Template tab, select Use a template for this connection.
- From the Connection Template list, select Atlassian Provisioner. Click Next.
- On the Metadata File row, upload the atlassian-saml-metadata.xml file. Click Next.
- On the Connection Type tab, click Next.
- On the General Info tab, click Next.
- On the Connection Type tab, select Browser SSO Profiles and clear any unwanted types. Click Next.
On the General Info tab, complete the following fields. The
rest of the connection information is populated by the metadata XML file. Click
- In the Partner's Entity ID field, enter the SP Entity IDthat you noted in Enabling single sign-on in Atlassian.
- In the Base URL field, enter the base URL that you noted in Getting an Atlassian API key.
On the Browser SSO tab, configure browser SSO.
For a complete guide, see Configure IdP Browser SSO in the PingFederate documentation.
- On the IdP-Initiated and SP-Initiated check boxes. tab, select the
- On the Binding list, select POST. In the Endpoint URL field, enter the SP Assertion Consumer Service URL that you noted in Enabling single sign-on in Atlassian. Click Add. tab, from the
- On the SAML_SUBJECT, from the Subject Name Format list, select urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress. tab, for
On the Credentials tab, configure the connection
credentials. Click Next.
For a complete guide, see Configure credentials in the PingFederate documentation.
- On the Outbound Provisioning tab, configure the provisioning target and channel as shown in Configure outbound provisioning in the PingFederate documentation.
- On the Activation and Summary tab, above the Summary section, click the toggle to turn on the connection. Click Save.