You can watch a video for this article here.
I have a developer account for Okta, but it should be the same as the standard Okta account.
Install Global SSO
Go to manage apps -> Find new apps and enter global sso in the search field. Then push the install button on the found app.
Create Okta application
After you have created your account, go to Applications and push the “Create Integration App” button:
Then choose SAML 2.0
Push the “Next” button
Enter the App name and press the “Next” button
Enter your URL in the “Single Sign-On URL” input field in the following format:
Enter the same URL as in the”Single Sign-On URL” input field in the “Audience URI (SP Entity ID)” input field.
Enter your URL in the following format into the “Default RelayState” input field:
Here are my input values:
Now push the “Next” button.
Choose “I’m a software vendor” and press the “Finish” button.
Push the “Identity Provider metadata” link:
Copy the URL.
Go to the “Assignments” tab and assign a user to this Application. The user must have the same email address as a user in Jira.
Setup Global SSO
Go to manage apps -> SAML Consumer Configuration. Choose the “Metadata URL” option, enter the copied URL into the “Metadata URL,” and enter the “Secret phrase”:
Push the “Parse settings from metadata” button:
Go to the “Advanced Setup” tab and ensure that the “Cookie Path” input field has a value. If not, add “/” to the field and push the “Save” button.
If you have a load balancer in front of your nodes and this node balancer performs a status check on your nodes, then you need to exclude this path from sso.
For example, my load balancer queries the /status endpoint from my Jira instance. To add an exception, go to manage apps -> Global SSO settings and enter “/status;” in the “Exclude paths” input field:
Push the “Save” button.
Check SSO connection
Open a new incognito window and enter the URL to your Jira instance. You will be redirected to Okta for authentication:
Enter the valid user name and password and push the “Sign In” button:
As a result, you will be redirected to your Jira, and you will be logged in with your user:
That is all for the article! Have a good day!