Skip to main content
Skip table of contents

Jira SAML Integration

This document explains how to implement Monosign with Jira. It covers Single Sign-On. Before you continue, it is better to start with Jira’s Single Sign-On page.

📑 Instructions

This documentation contains 4 main steps for integration.

  1. Creating an Application on Monosign

  2. Configuration Single Sign-On for Jira

  3. Assign a user to the Jira application

  4. (Optional) Sync Users and Groups Using SCIM (System for Cross-Domain Identity Management) protocol

  5. Sign-In Test

1- Creating an Application on Monosign

Create application on Monosign and configure your access policy.

While creating the Application, please click the Access tab and do the configurations as shown based on your use cases.




User Access Type

Defines which Users will access to this application.

Only Assigned Users
All Users

User Group Access Type

Defines application’s user group access

Only Assigned Users
Assigned Users and Defined Sources
All Users

Profile Access Type

Defines Application’s user’s profile access

Restricted - Only restricted user profile attributes
All - All user profile attributes

Once you create, click “Keys” and add a new Access Key for SAML Key for access.

This information will be necessary during the configuration of the Jira Application.

Create Application Key

Set Application Key

You are gonna see your configuration for your Jira application as follows;

SAML Settings

2- Configuration Single Sign-On for Jira

As it highlighted at the beginning of document, please check out the Jira’s SSO configuration page first.

Please add your SAML settings to the application. The following information is needed for your configuration.

Go to admin page and select your organization if you have more than one. Navigate to Security > Identity providers and select identity provider Directory.

For Monosign SAML SSO please select the “Other Provider“ to configure your SAML Settings.

Choose Identity Provider

On the next step, please define the “Directory“. Select Set up SAML single sign-on and add SAML details.

Jira SAML Configurations

Monosign SAML Configurations

You need to map the property values from Monosign SAML to Jira SAML.

Jira Property

Monosign Property


Identity provider Entity ID

Entity Id

This value is the URL for the identity provider where your product will accept authentication requests.

Identity provider SSO URL

Sign On Service

This value defines the URL your users will be redirected to when logging in.

Public x509 Certificate

Download Certificate

This value begins with '-----BEGIN CERTIFICATE-----'.

This certificate contains the public key we'll use to verify that your identity provider has issued all received SAML authentication requests.

You can download the Certificate from Monosign. Open the file with the text editor and copy the certificate thumbprint. Please copy that value to Jira Certificate part.

Go back to Monosign and configure the created SAML access key according to the information given by Jira. Correspondings of the fields on Monosign SAML configuration are as follows.

Jira SAML Properties

Monosign SAML Settings

If you’d like to provision users with SAML Just-In-Time, you should send the extra attributes by adding them as shown above in the “Extra Attributes“ part. Just-in-time provisioning will not map the User groups to Jira.

Jira SAML Property

Monosign SAML Property


Service provider entity URL


The Audience value copied from Jira.

Service provider assertion consumer service URL

Assertion Consumer Url

The Assertion Consumer Url value copied from Jira.

Lastly, give access to your users and try logging in.

3- Assign a user to Jira application

Please follow the below instructions on how to assign a user to the Jira application. In this example john.smith will assign to the application access.

User Assignment on Monosign

4 - (Optional) Sync Users and Groups Using SCIM

Users and Groups can be synced to the Jira using SCIM Protocol. To do that please go to the admin page and select your organization if you have more than one. Navigate to Security > Identity Providers and select the Identity Provider.

SAML Configuration on Jira Identity Provider

On the “User Provisioning“ part, please click the three dots and click the “Regenerate API Key“ button.

SCIM API Url and API Key

5 - Sign In Test

Now try login. Navigate to the Jira application. Click Monosign on the UI.

If everything is well configured, the page will be redirected to Monosign’s login page. It can be log in passwordless with QR code or type username and password.

Monosign SSO Jira Login Page

When the user logs in, the page will be redirected to Jira’s home page.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.