The Confluence SAML app enables SAML Single Sign-On (SSO) for Confluence Software. Confluence Software is compatible with all SAML Identity Providers. This guide walks through configuring SSO between Confluence and Okta. By the end of this guide, Okta users should be able to log in and register to Confluence Software.
To configure Okta integration with Confluence SAML SSO, you need the following items:
Follow the steps below to configure Okta as an Identity Provider.
Configuring Okta as IdP
| Field | Value |
|---|---|
| Single Sign On URL | Enter ACS (AssertionConsumerService) URL from the Service Provider info tab of the module. |
| Audience URI (SP Entity ID) | Enter SP Entity ID / Issuer from the Service Provider info tab of the module. |
| Default Relay State | Enter Relay State from the Service Provider info tab of the module. |
| Name ID Format | Select E-Mail Address as a Name ID from the dropdown list. |
| Application Username | Okta username. |
For Name, enter "firstName" and select user.firstName from the value dropdown.
For Name, enter "lastName" and select user.lastName from the value dropdown.
For Name, enter "Email" and select user.email from the value dropdown.
For Name, enter "groups", select Matches regex from the Filter dropdown, and enter ".*".
Okta Verified SAML App
Now we will go through the steps to set up Confluence as a Service Provider using the miniOrange add-on:
Configure Identity Provider
By Metadata URL:
By uploading Metadata XML file:
IDP Entity ID
Single Sign On URL
Single Logout URL
Configure Multiple Identity Providers
When a user logs in to Confluence, one of the user's attributes sent by the IdP is used to search for the user in Confluence. This attribute identifies the matching Confluence account, and the user is logged in to that account.