SSO 3.X - Configuring Bitbucket SSO app
- Iryna Ihnatiuk
To configure settings for Global SSO app, you must have Admin permissions.
To configure Bitbucket SSO app:
- Log into your Bitbucket as Admin.
- In the cog wheel menu, select Add-ons.
- In the GLOBAL SSO section, click Global SSO Settings.
The Global SSO Configuration page opens. - Fill in the fields on this page. The field description is provided in the 18154785.
If you entered wrong parameters, use a ''back door" functionality in order to avoid cyclic redirects and to access application bypassing SSO. To do this, add a GET parameter sso=off to the needed URL. Example: https://example.bitbucket.com/?sso=off.
Field description for the Global SSO Configuration page
Attribute | Description | Examples |
|---|---|---|
| Login URL | Identity provider (IDP) login page |
|
| Logout URL | Identity provider (IDP) logout page |
|
| Time Expiry | Life length of SSO Token (cookie) for authentication in seconds. Default value is 14400 (4 hours). Each application has two sessions – its own session and SSO session. When application's session expires, the user will be logged out from the application. When SSO session expires, the user will still be able to use this application but won't be able to log into another one without IDP re-authentication. | 14400 |
| Exclude paths | You can disable SSO from URLs which contain custom pieces of URL (semicolon separated values). By default Global SSO blocks REST API, so in order to allow for this, add an exclusion for the REST path ("/rest"). | /redirect;/rest/usermanagement;/rest/api |
| Exclude IP addresses | To support deep linking between applications, specify a list of application's IP addresses for linking, separated by semicolon. |
You can test your SSO cookie by using the Test SSO button:
Related topics
SSO 3.X - Configuring Jira SSO app
SSO 3.X - Configuring Confluence SSO app
SSO 3.X - Configuring Bamboo SSO app
SSO 2.0 - Configuring FishEye SSO app