SecSign ID Plugin: Bitbucket Cloud Setups

2018-04-06 5 minutes to read
Tutorial Index

Protect your Cloud Bitbucket Account with on-premise two-factor authentication from SecSign ID with the Atlassian Identity Manager

Simply integrate the SecSign ID Two-Factor Authentication plugin and offer your users secure authentication with your Bitbucket cloud system, including convenient SSO setups. Connect your on-premise directory service for simple user management and added two-factor authentication security. Use SecSign ID Bitbucket two factor authentication for your Bitbucket account to securely protect all your data in the cloud. Works for iOS or Android mobile devices as well as for desktop.

Bitbucket is a web application for version control repository hosting service that can be used for source code and development process. It was developed by the company Atlassian. Bitbucket has comprehensive features and a high adaptability.Thus, the functionality of Bitbucket can be optionally expanded or adapted by using plugins (add-on’s).
SecSign ID is a plugin for real two-factor authentication (2FA) for Bitbucket. 2FA adds another layer of security to your installation by using a second token. In this case the physical token is your smartphone.

For on-premise Bitbucket protection without SAML please refer to our guide on the integration of our SecSign ID on-premise Bitbucket plugin.
Bitbucket on-premise protection

To add on-premise authentication protection to your on-premise Atlassian setup with SAML, please refer to our SAML integration information for on-premise setups.

SAML Bitbucket on-premise protection


To use the SecSign ID SAML Two-Factor Authentication with your Cloud Bitbucket Setup you need to activate the Atlassian Identity Manager. Please refer to the Atlassian guide on how to opt-in to using the Identity Manager.

Once you verified your Domain you can go ahead and activate the SAML Authentication with SecSign ID.

Atlassian Settings

Atlassian Settings

Open to your Atlassian Bitbucket Backend and navigate to [ your Organization ] > SAML Single-Sign On > Add SAML configuration

Enter the following parameter:

Identity provider Entity ID: [ your SecSign ID server address ] for example

Identity provider SSO URL: [ your SecSign ID server address ] for example

To enter the public x509 certificate navigate to your SecSign ID Administrator Backend and select the user that holds the certificate to sign.
For an overview of the users holding a certificate navigate to “Certificate user” in your SecSign ID Administrator Backend and select details for our URL, in this case *
Expand the certificate by selecting the triangle at the certificate. Copy the Certificate PEM encoded in your clipboard and switch back to the Atlassian Backend settings.

Public x509 certificate: Copy the PEM Certificate from the SecSign ID Administrator Backend

Save the configuration.

SecSign ID Administrator Settings

SecSign ID Administrator Settings

Create a new SAML-Service-Provider in your SecSign ID Administrator page.

Enter the following parameter:

Service Provider Issuer: Copy the SP Entity ID from your Atlassian Administrator Backend and enter it here

Audience Restriction: Same Entry as Service Provider Issuer

SAML response URL: Enter the SP Assertion Consumer Service URL from your Atlassian Administrator Backend

Do you have a service that needs SAML two-factor authentication protection? You didn’t find any information about your setup? We offer custom solutions for almost any SAML setup. Message us for a fast and convenient solution for your service.

    Do you intend to operate the SecSign ID Two-Factor Authentication server On-Premise or in the cloud?

    Your own ID-Server

    On premise installations of SecSign ID offer the flexibility to connect with your preferred servers, services, and devices. And you can customize the SecSign ID with your own organization’s branding.

    Learn More
    On Premise 2FA ID

    Latest Blog Posts, Updates & Features

    SecSign ID Server passed FIDO Certification

    We are happy to announce that the SecSign ID server has passed the official FIDO certification program of the FIDO Alliance. This will allow you to use the complete FIDO2/WebAuthn standard for passwordless 2FA sign-ins in your exi ...

    Mehr Lesen

    Two-Factor Authentication with Fido2 / WebAuth

    The FIDO2 Project is a set of standards developed by the FIDO Alliance and the World Wide Web Consortium (W3C) to create a strong authentication protocol for the web. It consist mainly of the WebAuth standard for the browser part ...

    Mehr Lesen

    Protecting the Home Office VPN with 2FA

    In the recent weeks, home office work has increased potentially. And while employees are practicing social distancing from their home computer, attackers are working hard to exploit security issues in this situation that is unfami ...

    Mehr Lesen
    SecSign 2FA