-
-
Notifications
You must be signed in to change notification settings - Fork 187
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fails to account for SSO logins #477
Comments
Hi @masukomi, I am also using jira-cli with SSO in my company but its a self-hosted Jira Server. I think it should work if are able to generate Personal Access Token (PAT). Basically what I am doing is:
|
I started using it today and had the same problem. So as another data point I can report that it works great with my employer's Jira installation, which uses SSO (AD-based I believe). @masukomi Have you tried using the username that appears on your Jira profile page, instead of an email address, if they differ? That username + PAT works for me. You can also try @ankitpokhrel Thanks for this tool, it's a nice accessibility aid for me. :) |
same issue for me: Set JIRA_AUTH_TYPE to bearer Results in: Weird thing is that I can see token being used by going to jira, it shows that it has been used within a minute which leads me to think that maybe it's "permissions to use API on jira/Atlasian" side of things? Is there such a thing? |
I'm also having this problem. My company uses a SSO service, that I don't know. Also, we are selfhosting. -> I selected My
I use Fedora Linux on a Thinkpad T590. I instlled via homebrew. |
@Akorian You need to export them too, |
FWIW, I have a work JIRA instance with SSO (via Google Auth). These steps worked for me.
|
I also can't get this to work with SSO (Azure) with any combination I've tried:
On macOS, installed via Homebrew. I see the following error:
|
I ran into this today as well. @spprashant documented the workaround that unblocks me (don't set |
@comjf / @spprashant are you using local Jira installation? The token generated in local installation is used with basic auth IIRC so we don't need to set |
Could we potentially get something like this setup for SSO servers on intranets |
Would be nice if instead of that error it will show the suggestion to set these two environment variables. |
In my case (Oauth2 SSO with PingId), setting up a bearer token is not enough:
I've verified with my browser that the API endpoint does exists. A similar call is done with my browser. But my browser sends a huge cookie with the request instead of a token. I guess that jira-cli needs to perform the Oauth dance to be able to log in with PingId. Hope this helps |
@ankitpokhrel I confirmed with my IT admins, we are using the cloud JIRA instance. So unsure why the |
I get the same issue with Okta SSO, but only if I'm not on my company VPN. |
I've got an SSO in front of my self-hosted JIRA instance. I was able to create a PAT at
and |
I am using Jira Cloud with Atlassian's SSO and I just need to set this:
Setting username and password in It'd be nice if we could set the
the
|
If I |
Describe the bug
when using
jira init
it requests an email and immediately errors with401 Unauthorized
. This is, presumably, because at our company we use Single Sign On to authenticate, not our emails.Short term suggestions:
Please provide following details
To Reproduce
Steps to reproduce the behavior:
jira init
and give it a valid email addressExpected behavior
I'd expect it to either work, or to provide me with an indication than SSO isn't supported.
The text was updated successfully, but these errors were encountered: