SAML endpoints not working after upgrading Confluence or the SAML/SSO plugin
Platform Notice: Data Center Only - This article only applies to Atlassian products on the Data Center platform.
Note that this KB was created for the Data Center version of the product. Data Center KBs for non-Data-Center-specific features may also work for Server versions of the product, however they have not been tested. Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
After upgrading Confluence or the SAML plugin, the SAML endpoints no longer work.
Environment
- Confluence Data Center
- SSO for Atlassian Server and Data Center version 4.0.1 or newer
Diagnosis
Accessing SAML endpoints returns 404 messages.
Example: http://CONFLUENCE_URL/plugins/servlet/saml-logout
Cause
The SAML for Data Center plugin has been renamed to SSO for Atlassian Data Center starting from version 4. With this change, all endpoints and settings were also renamed to SSO.
Solution
Use SSO where SAML was previously used. In the example above, the new endpoint is: http://CONFLUENCE_URL/plugins/servlet/sso-logout
The plugin settings can be retrieved from the database with the following query:
SELECT * FROM BANDANA WHERE BANDANAKEY like 'com.atlassian.plugins.authentication.sso.config%';