SSO for JSM Customers using Oracle Cloud IDCS as OAuth Provider


Our SAML/OAuth SSO for JSM Customers app offers the functionality to seamlessly integrate OAuth/OpenID Single Sign-On into the JSM customer portal, ensuring compatibility with all OAuth/OpenID Providers. This guide will outline the steps for configuring SSO between the JSM customer portal and your OAuth/OpenID Provider. By following these instructions, customers will undergo authentication via your OAuth/OpenID Provider prior to accessing the JSM customer portal. This integration facilitates a smooth customer experience while also mitigating spam ticket.


Download And Installation

  • Log into your Jira instance as an admin.
  • Navigate to the settings and Click on Apps.
  • Locate SAML/OAuth SSO for JSM Customers.
  • Click on free trial to begin a new trial SAML/OAuth SSO for JSM Customers.
  • On menu bar click on Apps. Locate SAML/OAuth SSO for JSM Customers .

Step 1: Setup Oracle Cloud as OAuth Provider

Follow the steps below to configure Oracle Identity Cloud Service (IDCS) as an OAuth Provider.

  • Access the Oracle Identity Cloud Service administration console, select Applications, and then click Add.
  • Click on Confidential Application.
    • OAuth/OpenID/OIDC Oracle Cloud Single Sign On (SSO), Add Application
  • Enter the name of your Application and select Display in My Apps option under Display Settings section. And then click on the Next button.
    • OAuth/OpenID/OIDC Oracle Cloud Single Sign On (SSO), Configure App
  • Enable Configure this application as a Oauth Client now. Select Authorization Code and as your Allowed Grant type.
  • In the Redirect URL enter the Callback URL from the plugin.
  • You can select scope as per your requirement and click on Next button.
    • OAuth/OpenID/OIDC Oracle Cloud Single Sign On (SSO), Enter Client details
  • Under Expose APIs to Other Applications section, enable skip for later option and click on the Next button.
    • OAuth/OpenID/OIDC Oracle Cloud Single Sign On (SSO), Add resources
  • Under Web Tier Policy section, enable skip for later option and click on the Next button.
    • OAuth/OpenID/OIDC Oracle Cloud Single Sign On (SSO), Add policy
  • Enable Enforce Grants as Authorization checkbox, if you want only users to the access application which you granted acccess to it and click on the Finish button.
    • OAuth/OpenID/OIDC Oracle Cloud Single Sign On (SSO), Authorization
  • Assign the users/groups to your application by clicking on the Users / Groups tab respectively.
    • OAuth/OpenID/OIDC Oracle Cloud Single Sign On (SSO), Activate application
  • Activate the application, once it gets created.
    • OAuth/OpenID/OIDC Oracle Cloud Single Sign On (SSO), Activate application

Step 2: Setup JSM as OAuth Client

  • Go to the Manage Apps -> click Getting started under SSO Integration with Helpdesk then click on the Add New Identity Provider.
    • SSO for JSM Customers using Oracle Cloud IDCS as OAuth Provider | add identity provider
  • Select OAuth/OIDC and click on the next button.
    • SSO for JSM Customers using Oracle Cloud IDCS as OAuth Provider | Select protocol
  • Select Oracle from the Selected Application dropdown menu.
  • Enter the App Name, Client ID, Client Secret, and Scope as profile email openid groups.
  • Configure the following:

    Authorize Endpoint: Your_Oracle_Domain/oauth2/v1/authorize
    Access Token Endpoint: Your_Oracle_Domain/oauth2/v1/token
    Get User Info Endpoint Your_Oracle_Domain/oauth2/v1/userinfo
  • Click on Save button and then test connection for verifying the entered details.
    • SSO for JSM Customers using Oracle Cloud IDCS as OAuth Provider | verification details

Step 3: User Attribute Mapping

  • Once you see all the values in Test connection, go to User Attribute Mapping. Map attributes like Email, firstname, lastname, etc. Click on Save.
    • SSO for JSM Customers using Oracle Cloud IDCS as OAuth Provider | Attribute mapping

Step 4: Integrate Atlassian HelpDesk with JSM SSO

  • Navigate to the Jira Configuration tab. Click on the Configure API Token and configure the Service Account API token with the email.
    • It is necessary to have admin permissions for the service account.
    SSO for JSM Customers using ADFS as OAuth Provider | service account
  • After successful configuration of API token all the service desk projects with respective links will be displayed. These substituted links will be used by customers for accessing particular projects with SSO.
    • SSO for JSM Customers using ADFS as OAuth Provider | API token
  • Copy any of the substitute links you see for your portals and try accessing it in a private browser window. You would be automatically redirected to your Identity Provider for authentication and would be allowed access to the portal only after successful authentication.



Free Trial

If you don't find what you are looking for, please contact us at support-atlassian@miniorange.atlassian.net or raise a support ticket here.