Jira Auth0 OIDC 설정

개요

Auth0 Domain	https://<myid>.us.auth0.com
Jira URL	https://issues.mydomain.net

Auth0 설정

Applications 설정

https://manage.auth0.com/dashboard/us/<myid>/applications → Create Application

Basic Information
Name	My Jira
Client ID	Copy to Jira
Client Secret	Copy to Jira
Application URIs
Application Login URI	https://issues.mydomain.net/login
Allowed Callback URLs	https://issues.mydomain.net/plugins/servlet/oidc/callback
Allowed Logout URLs	https://issues.mydomain.net/logout, https://issues.mydomain.net/logout.jsp
Allowed Web Origins	https://issues.mydomain.net

Actions 설정

Actions → Library → add_group 추가

add_group

exports.onExecutePostLogin = async (event, api) => {
  const namespace = "https://mydomain.net/claims/";
  const groups = event.user.app_metadata?.groups;
  if (groups && groups.length > 0) {
    api.idToken.setCustomClaim(namespace + "groups", groups);
  }
};

Actions → Triggers → Post Login → add_group 추가

Jira 설정

Enable Internal Directory

User management → User Directories → Jira Internal Directory 활성화

OIDC 설정

System → Authentication methods → Add configuration

OpenID Connect settings
Name	Auth0
Authentication method	OpenID Connect single sign-on
Issuer URL	https://<myid>.us.auth0.com
Client ID	Copy from Auth0
Client secret	Copy from Auth0
Username mapping	${email}
Additional scopes	email
Additional settings
	(check) Fill the data automatically from my chosen identity provider.
JIT provisioning
Display name	${email}
Email	${email}
Groups	https://mydomain.net/claims/groups
JIT Scope	profile, email, https://mydomain.net/claims/groups
Login page settings
	(check) Show IdP on the login page
Login button text	Auth0

공간 바로가기

페이지 트리

개요