How to set up Azure AD SAML SSO with Jenkins

abhi saxena 6 Reputation points
2021-02-18T17:52:59.183+00:00

Hello, I want to integrate my Jenkins logins with Azure SAML SSO. Please help me with how I can do this. Thanks, Abhi

Microsoft Security | Microsoft Entra | Microsoft Entra ID

4 answers

  1. Siva-kumar-selvaraj 15,721 Reputation points
    2021-02-19T14:46:31.26+00:00

    Hello @abhi saxena ,

    Thanks for reaching out.

    Please find the following articles for setting up Azure AD SSO with Jenkins, but these would use the OAuth/OpenID protocol for SSO.

    https://azure.microsoft.com/en-in/blog/jenkins-on-azure-from-zero-to-hero/
    https://plugins.jenkins.io/azure-ad/

    I am not sure whether Jenkins supports SAML protocol-based SSO. If so, then refer to this article to add an application to your Azure Active Directory (Azure AD) tenant.

    Note: If the application you are looking for is not in the gallery, then you can select the link "Create your own application" and then, under "What are you looking to do with your application?", choose "Integrate any other application you don't find in the gallery".

    The following third-party article is worth checking out as it speaks about setting up Azure AD SSO: https://plugins.miniorange.com/saml-single-sign-on-sso-into-jenkins-using-azure-ad-as-idp#1549879878415-f44c9e7a-b962

    ------------------------------------------------------------------------------------------------------------------------------

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    1 person found this answer helpful.

  2. Siva-kumar-selvaraj 15,721 Reputation points
    2021-02-19T18:21:15.527+00:00

    Thanks for the update.

    Does Jenkins support SAML protocol-based SSO? Could you please confirm? If so, you can refer to this generic guidance for creating an Enterprise application entry in Azure AD for enabling SAML SSO.

    You must have the basic SAML configuration data, which is known as federation metadata info, such as the Sign-in URL, Reply URL and Identifier (Entity ID) of the Jenkins application, which needs to be added when you integrate with Azure AD for SSO.

    In a similar way, download Azure AD's metadata file and update the same on the Jenkins side. Once you have updated it, you should customize the attributes to send to Jenkins: Customizing claims issued in the SAML token for enterprise applications in Azure Active Directory.

    The following third-party article is worth checking out as it speaks about setting up Azure AD SSO:
    https://plugins.jenkins.io/saml/
    https://github.com/jenkinsci/saml-plugin/blob/master/doc/CONFIGURE_AZURE.md

    Hope this is helpful.

    Thanks,
    Siva

    1 person found this answer helpful.
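
For the step in the answer above where Azure AD's metadata file is downloaded and applied on the Jenkins side, here is an added example (not part of the original answer and not code from Jenkins or Microsoft) that reads an IdP metadata file and pulls out the values to check before trusting it: the entity ID, the sign-in endpoints and the signing certificate fingerprint. The function name `summarize_idp_metadata`, the host `idp.example.test`, the all-zero tenant GUID and the certificate bytes are constructed placeholders.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: host, tenant GUID and certificate bytes are placeholders.
SAMPLE_METADATA = """\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://idp.example.test/00000000-0000-0000-0000-000000000000/">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>Q09OU1RSVUNURUQtQ0VSVC1CWVRFUw==</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Location="https://idp.example.test/saml2"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
    <md:SingleSignOnService Location="http://idp.example.test/saml2"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def summarize_idp_metadata(xml_text):
    """Return the IdP values an SP admin copies, plus non-HTTPS endpoints."""
    # Parse only metadata you downloaded yourself from the IdP over HTTPS.
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor element: this is not IdP metadata")
    # Fingerprint each signing certificate so it can be compared out of band.
    certs = idp.iterfind("md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS)
    fingerprints = [
        hashlib.sha256(base64.b64decode("".join(c.text.split()))).hexdigest()
        for c in certs
    ]
    # Map short binding name (e.g. HTTP-Redirect) to the sign-in URL.
    endpoints = {sso.get("Binding").rsplit(":", 1)[-1]: sso.get("Location")
                 for sso in idp.iterfind("md:SingleSignOnService", NS)}
    insecure = sorted(name for name, url in endpoints.items()
                      if not url.lower().startswith("https://"))
    return {"entity_id": root.get("entityID"), "sso_endpoints": endpoints,
            "signing_cert_sha256": fingerprints, "insecure_bindings": insecure}


if __name__ == "__main__":
    for key, value in summarize_idp_metadata(SAMPLE_METADATA).items():
        print(f"{key}: {value}")
```

Compare the printed fingerprint with the certificate shown on the IdP side before saving the metadata on the service provider, and treat any entry in `insecure_bindings` as a reason to stop.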

  3. abhi saxena 6 Reputation points
    2021-02-19T14:57:33.86+00:00

    Hello @sikumars-msft,

    Thanks for the prompt response!
    One issue here is that we have our on-prem Jenkins server and we can't move it to any cloud platform.
    Hence, I am looking for the proper settings to add my on-prem Jenkins to my Azure SSO.

    Can you please suggest something for that?

    Thanks,
    Abhi


  4. Naveen Chandra Sekhara 106 Reputation points
    2021-07-29T22:21:10.267+00:00

    I have a quick question. What are the options for on-prem Jenkins talking to Azure AD for authentication?
    SAML, as I see above.
    How about the Jenkins Azure AD plugin, does it work too?

