Confluence - RSA Ready Implementation Guide
Solution Summary
This guide describes Confluence integration with RSA ID Plus using SAML 2.0. Use this information to determine which use case and integration type your deployment will employ.It also describes the steps for configuring Confluence with RSA Cloud Authentication Service through OIDC using the miniOrange identity broker. Identity brokering establishes trust between applications, such as Atlassian Access (SAML) and RSA Cloud Authentication Service (OAuth/OIDC Provider), that use different protocols, enabling them to understand each other's requests and responses.
For miniOrange, you need to configure the following:
- Set Atlassian Access SAML Application as the Service Provider, and miniOrange as the Identity Provider.
- Set RSA Cloud Authentication Service as an Identity Source in miniOrange, where miniOrange is the OAuth/OIDC client.
Use Case
Confluence can be integrated with RSA using My Page SSO and Relying Party. When integrated, users must authenticate with RSA to sign in to Confluence.Integration Types
My Page SSO provides Single-Sign-On (SSO) to Confluence users leveraging RSA self-service portal My Page. Both SP-initiated SSO and IdP-initiated SSO are supported.Modern Cloud-hosted SSO with My Page replaces the existing SAML SSO support with the IDR.
Relying Party integration allows Confluence users’ web browsers to be automatically redirected to RSA Cloud Authentication Service for authentication. With Relying Party integration, Cloud Authentication Service can manage either additional authentication only or both primary authentication (for example, user ID and password) and additional authentication depending on the service provider's capability.
Supported Features
This section shows all the supported features by integration type and by RSA components. Use this information to determine which integration type and RSA component your deployment will use. The next section in this guide contains the instruction steps for how to integrate RSA with Confluence using each integration type.Confluence Integration with RSA Cloud Authentication Service
| Authentication Methods | RSA MFA API (REST) | RADIUS | Relying Party | My Page SSO |
| Approve | - | - | ||
| LDAP Password | - | - | ||
| SecurID OTP | - | - | ||
| Authenticate OTP | - | - | ||
| Device Biometrics | - | - | ||
| SMS OTP | - | - | ||
| Voice OTP | - | - | ||
| FIDO Security Key | - | - | ||
| QR Code | - | - | ||
| Emergency Access Code | - | - |
Confluence Integration with RSA Authentication Manager
| Authentication Methods | RSA MFA API (REST) | RADIUS | Authentication Agent |
|---|---|---|---|
| RSA SecurID | - | - | - |
| On Demand Authentication | - | - | - |
| Risk-Based Authentication | - | - | - |
| Supported | |
| - | Not supported |
| n/t | Not yet tested or documented, but may be possible |
| n/a | Not applicable |
Configuration Summary
This section contains instruction steps that show how to integrate Confluence with RSA using all of the integration types.This document is not intended to suggest optimum installations or configurations. It is assumed that the reader has both working knowledge of all products involved, and the ability to perform the tasks outlined in this section. Administrators should have access to the product documentation for all products to install the required components.
All RSA and Confluence components must be installed and working prior to the integration.
This section of the guide includes links to the appropriate sections for configuring both sides for each use case.
Integration Configuration
RSA Cloud Authentication Service
- Confluence - SAML My Page SSO Configuration - RSA Ready Implementation Guide
- Confluence - SAML Relying Party Configuration - RSA Ready Implementation Guide
- Confluence - My Page SSO Configuration Using OIDC - RSA Ready Implementation Guide
- Confluence - Relying Party Configuration Using OIDC - RSA Ready Implementation Guide
RSA Terminology Changes
The following table describes the differences in the terminologies used in the different versions of RSA products and components.| Previous Version | New Version | Examples/Comments |
| Company ID | Organization ID | |
| Account | Credential | |
| Token | OTP Credential | SecurID OTP Credential |
| Tokencode | OTP/Access Code | SecurID OTP, SMS OTP, Voice OTP Emergency Access Code, Disable Access Code |
| Hardware Token | Hardware Authenticator | |
| Device Serial Number | Binding ID | |
| Device | Credential/Authenticator | |
| Device Registration Code | Registration Code | |
| Authenticate App | Authenticator App |
Certification Details
RSA Cloud Authentication Service- Confluence
- miniOrange Confluence OAuth/OpenID SSO plug-in
