Hello Team,
We have implemented SSO in our organization, and our JIRA users are managed using LDAP, which is the primary authentication. Users who are members of the JIRA AD group were able to log in as expected. For users who were not members of the AD group, clicking the Log In option doesn't redirect to the SSO page or any other prompt but displays the message "Something went wrong", which is not an appropriate message. I would like to understand why it doesn't redirect to SSO or any other login screen but instead displays a page saying "Something went wrong", and whether it is possible to show users an appropriate message saying that it is because they are not part of the Jira AD group.
You seem to be using the built-in JIRA Server/Datacenter SSO, and it looks like the users are not authorized to access the JIRA Software application. I suggest you check the "atlassian-jira.log" file located in the <JIRA_HOME>/log directory for detailed error messages to troubleshoot this issue.
You can also take a look at the third-party SSO plugins from the Atlassian Marketplace, which provide lots of customization: you can set different redirection rules for different types of users, and they are easy to configure and troubleshoot.
PS: I work for miniOrange, one of the top SSO vendors in the Atlassian Marketplace.
We are looking at setting up Crowd linked to LDAP with an MFA plugin. How would the miniOrange solution work for a similar config?
Hello @Lokesh Naktode_miniOrange
Users who are part of the Jira AD group could log in, but users who are not part of the JIRA AD group receive this message rather than one stating that they have an issue with their account.
We have a 2FA plugin for all the Atlassian applications, but for Crowd it is still in a development phase and will be available on the Atlassian Marketplace soon.
Alternatively, we have a dedicated MFA solution available which can be used to enable MFA on top of Crowd SSO. I suggest raising a query to miniOrange support with complete requirements, and the team will get back to you with a proposed solution.
Hi @Ramya Yarru
Looking at your message, it seems like an application authorization issue, and we cannot do anything here to update the error message because it is a generic message for all the errors. Maybe Atlassian can help you out on this.
Hi @Ramya Yarru
Our server is similar. Once we had implemented an SSO server, internal users were no longer able to log in.
For any users not in our company LDAP, we created a second LDAP directory, which we have to maintain manually when external users need access.
We will be moving to Crowd soon to create a single place to manage users.
Tom
Hello @Tom Lister
We have no external users; all of them are internal users. The issue here is that users might not be aware that they have to be part of the AD group in order to access JIRA. If they try to log in to JIRA without being a member of the JIRA AD group, they are given this message, which is inappropriate because it states there might be an issue with the server rather than stating that the issue is with their account.