How to Configure Google Single Sign-On (SSO) with Jira Align

Platform Notice: Cloud and Data Center - This article applies equally to both cloud and data center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Summary

This article shows the steps required to configure Google IDP for Single Sign-On with Jira Align.

Solution

Part 1 - Google Settings

  1. Log into https://admin.google.com.

  2. Click on Web and Mobile Apps on the left menu.

  3. Go to Add App > Add Custom SAML App.

  4. Enter an App name and description of your choice, and continue.

  5. Click to Download the Metadata:

    1. It will be imported on Jira Align in later steps.

    2. Take note of the SSO URL.

    3. Click Next/Continue.

  6. Service Provider Details:

    1. Set the ACS URL and Entity ID with your JIra Align URL.

    2. Check the box “Signed Reply."

    3. Set “Name Code format" to “EMAIL."

    4. Set “Name id" to “Basic Information > Primary Email."

    5. Click Next/Continue.

  7. It is not required to add an Attribute mapping, click on Conclude.

  8. Now, on the SAML App you just created, take note of the URL; it contains the APP ID.

Part 2 - Jira Align Settings

  1. Go to Jira Align.

  2. Go to Administration > Security.

  3. Click on the “Add SAML Provider” button.

  4. Copy the content from the GoogleIDPMetadata.xml file you downloaded in Step 5.

    1. To copy the content, open the file using any text editor app, select all the text, and copy.

    2. Paste on the “SAML 2.0 Metadata" text field..

    3. Set the “NameID Lookup by" to Email

    4. Click on Save and Close.

Part 3 - Testing SAML Login and Sign-In URL

  1. Before Disabling the Manual Sign-In, test the SSO authentication.

    1. Access your Google SAML Application (the URL you Saved in step 8 of part 1).

    2. Click on “TEST SAML LOGIN."

  2. Test the URL that will be used as Sign in URL .

    1. The URL must be like the following:

      https://accounts.google.com/o/saml2/initsso?idpid=C02wp9bui&spid=315645158461

    2. About the URL:

      • The IDPID is the ID from the URL captured in step 5 of part 1.

      • the SPIDP is the ID from the URL captured in step 8 of part 1

      Once you confirm you can log in to Jira Align successfully using the above URL (with the correct IDPID and SPID), you can set the URL to be the Sign in URL on Jira Align.

Part 4 - Finishing the Configuration

  1. On Jira Align > Admin > Platform > Security.

  2. Change “Disable Manual Sign-in" to “Yes."

  3. on the “Sign In URL" enter the SSO URL fetched in step 5B of part 1.

  4. Click Save Settings.

Updated on April 14, 2025
Platform
Cloud and Data Center
Products
Jira Align Cloud
Jira Align Data Center
On this pageSummarySolution

Still need help?

The Atlassian Community is here for you.
Ask the Community