The Bitbucket SAML app enables SAML Single Sign-On (SSO) for Bitbucket Software. Bitbucket Software is compatible with all SAML Identity Providers. This guide walks through configuring SSO between Bitbucket and your Identity Provider. By the end of this guide, users from your Identity Provider should be able to log in and register to Bitbucket Software.
To integrate your Identity Provider (IDP) with Bitbucket, you need the following items:
Follow the steps below to configure JBoss Keycloak as an Identity Provider. There are two ways to configure JBoss Keycloak as the IDP.
Method 2: Manual Configuration

| Setting | Value |
| --- | --- |
| Client ID | The SP-EntityID / Issuer from Step 1 of the plugin under the Configure IDP tab. |
| Name | Provide a name for this client |
| Description | Provide a description |
| Enabled | ON |
| Consent Required | OFF |
| Client Protocol | SAML |
| Include AuthnStatement | ON |
| Sign Documents | ON |
| Optimize Redirect signing key lookup | OFF |
| Sign Assertions | ON |
| Signature Algorithm | RSA_SHA256 |
| Encrypt Assertion | OFF |
| Client Signature Required | OFF |
| Canonicalization Method | EXCLUSIVE |
| Force Name ID Format | ON |
| Name ID Format | |
| Root URL | Leave empty or Base URL of Service Provider |
| Valid Redirect URIs | The ACS (Assertion Consumer Service) URL from Step 1 of the plugin under the Configure IDP tab. |
| Assertion Consumer Service POST Binding URL | The ACS (Assertion Consumer Service) URL from Step 1 of the plugin under the Configure IDP tab. |
| Logout Service Redirect Binding URL | The Single Logout URL from Step 1 of the plugin under the Configure IDP tab. |

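
To check a client against the settings table above, this added example (not part of the original guide, nor miniOrange or Keycloak code) compares a Keycloak client JSON export with the table values and reports each deviation. The attribute key names are assumed from Keycloak's client export format, and the URLs and the sample export are constructed placeholders; confirm both against your own export.

```python
# Expected values come from the settings table; the attribute keys follow
# Keycloak's client JSON export (an assumption, verify on your version).
EXPECTED_ATTRS = {
    "saml.authnstatement": "true",                 # Include AuthnStatement: ON
    "saml.server.signature": "true",               # Sign Documents: ON
    "saml.server.signature.keyinfo.ext": "false",  # Optimize Redirect signing key lookup: OFF
    "saml.assertion.signature": "true",            # Sign Assertions: ON
    "saml.signature.algorithm": "RSA_SHA256",      # Signature Algorithm
    "saml.encrypt": "false",                       # Encrypt Assertion: OFF
    "saml.client.signature": "false",              # Client Signature Required: OFF
    "saml_signature_canonicalization_method":
        "http://www.w3.org/2001/10/xml-exc-c14n#",  # Canonicalization Method: EXCLUSIVE
    "saml_force_name_id_format": "true",           # Force Name ID Format: ON
}
EXPECTED_TOP = {"enabled": True, "consentRequired": False, "protocol": "saml"}

def audit_saml_client(client, sp_entity_id, acs_url, slo_url):
    """Return a list of deviations from the table; an empty list means a match."""
    findings = []
    attrs = client.get("attributes", {})
    if client.get("clientId") != sp_entity_id:
        findings.append("clientId does not equal the SP Entity ID")
    checks = [(k, client.get(k), v) for k, v in EXPECTED_TOP.items()]
    checks += [(k, attrs.get(k), v) for k, v in EXPECTED_ATTRS.items()]
    for key, got, want in checks:
        if got != want:
            findings.append(f"{key}: expected {want!r}, got {got!r}")
    # The table lists only the ACS URL under Valid Redirect URIs.
    if client.get("redirectUris") != [acs_url]:
        findings.append("redirectUris should contain only the ACS URL")
    if attrs.get("saml_assertion_consumer_url_post") != acs_url:
        findings.append("ACS POST binding URL does not match")
    if attrs.get("saml_single_logout_service_url_redirect") != slo_url:
        findings.append("Logout redirect binding URL does not match")
    return findings

# Constructed sample export; every URL is a placeholder, not a real plugin path.
SP = "https://bitbucket.example.com/SP-ENTITY-ID"
ACS = "https://bitbucket.example.com/ACS-URL"
SLO = "https://bitbucket.example.com/SLO-URL"
SAMPLE = {
    "clientId": SP, "enabled": True, "consentRequired": False,
    "protocol": "saml", "redirectUris": [ACS],
    "attributes": {**EXPECTED_ATTRS,
                   "saml.assertion.signature": "false",  # deliberate deviation
                   "saml_assertion_consumer_url_post": ACS,
                   "saml_single_logout_service_url_redirect": SLO},
}
if __name__ == "__main__":
    for finding in audit_saml_client(SAMPLE, SP, ACS, SLO):
        print("MISMATCH", finding)
```

Name ID Format is not checked because the table leaves its value blank.
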
Add Mappers
Download IDP Metadata
Now we will go through the steps to set up Bitbucket as a Service Provider using the miniOrange SAML add-on:
Configure Keycloak:
Configure Bitbucket: