Single Sign-On For AWS

Single Sign-On For AWS

miniOrange + AWS

Use Case - Integrate Jira and Confluence with AWS Cognito for Single Sign-on.

Amazon Web Services (AWS) is a subsidiary of Amazon providing on-demand cloud computing platforms and APIs to individuals, companies, and government organizations. AWS has an environment where all the users are stored in a centralized system ‘AWS Cognito’. It has each of its servers Jira, and Confluence for which user permissions are stored in AWS Cognito. AWS uses its own product i.e. AWS Cognito, to manage users and groups across the entire organization, and they were looking to integrate Jira and Confluence with Cognito for SSO so that users could easily access these applications using Cognito's credentials.

Solution We Provided to AWS:

miniOrange provided "miniOrange Jira OAuth/OIDC SSO" plugin and “miniOrange Confluence OAuth/OIDC SSO” plugin for Jira and Confluence respectively. It allows users to enable OAuth/OIDC Authentication from any OAuth/OIDC compliant Identity Provider. The Identity Provider will perform user authentication and user permissions are mapped according to the permissions present in the Identity Provider. AWS was able to set up the plugins on their own with the help of our set-up guides (Yes, it's that simple!). By fulfilling the requirements of AWS we were able to include them in our journey of innovations. Being a software security company we know the importance of an organizations' security and hence we develop high-quality products for our clients along with world-class support.

What does miniOrange provide?

miniOrange provides secure access to the Atlassian applications (eg. Jira, Confluence, etc.) as well as non-Atlassian applications, for enterprises and full control over access of applications and Single Sign On (SSO) into applications with one set of login credentials.

How does it work?

miniOrange OAuth/OIDC Single Sign On (SSO) add-on acts as an OAuth/OIDC client which can be configured to establish the trust between the Atlassian applications and an OAuth/OIDC Identity Provider in order to securely authenticate the user to the application. When the user tries to access the Jira/Confluence page; they are redirected to the AWS Cognito login page for authentication. On successful authentication they are redirected back to the page they were trying to access. The user group provisioning is done automatically through SSO, thus giving the application access to the user.

Our OAuth/OIDC Single Sign on provides the best SSO features that works with all Identity Providers. It enables users to sign in to the application with their Identity Provider. We support all known providers such as Google Apps, ADFS, Azure AD, Okta, Facebook, Salesforce, GitHub, GitLab, Keycloak, Discord, meetup, AWS Cognito, Azure B2C, Slack, miniOrange, etc.

Key benefits of the solution to AWS :

  • Easy to integrate: Easily moved user authentication from Atlassian apps(Jira/Confluence) to AWS Cognito application.
  • Ease Of Access: Users have to remember only one set of credentials.
  • Manage Users on the existing system: With JIT (Just In Time Provisioning) administrators can manage their users in their existing system without having to move users or maintain them in multiple applications.
  • Secure Access: Made it easy for their environment to enforce additional security layers like 2FA on top of user authentication. This was not possible while using Jira/Confluence application login.
SSO Flow Diagram for AWS

For AWS, our product proved to be the best. What about you? If you don’t find what you are looking for, please contact us at info@xecurify.com or call us at +1 978 658 9387 to find an answer to your question about Single Sign-On(SSO).