Dear,
I am trying to integrate Jira with IDP to enable SSO using SAML. (Using the build-in SSO in DC)
The users are being authenticated and redirected to Jira successfully. However, I'm getting an error after being redirected as follows:
Something went wrong
We couldn't log you in. This may be for a variety of reasons. We suggest trying again.
If the problem persists, contact your JIRA administrator. Give them this error identifier:
After checking Jira Logs I found this:
com.atlassian.plugins.authentication.impl.web.saml.provider.InvalidSamlResponse: Received invalid SAML response: Timing issues (please check your clock settings)
I took a look at the SAML response and found that the NotBefore condition is failing because the IDP server is 4 seconds ahead.
How can we allow clock skew for SAML in Jira?
Thanks,
