Kantega SSO Enterprise 6.7.x release notes

We are pleased to announce Kantega SSO Enterprise 6.7.

Note that changes introduced in Kantega SSO Enterprise 6.3 will trigger an update of config warning in the Configuration status page upon install. It will convert your settings for Disable Traditional Login and Disable Basic Auth to a new format.


Read the update notes for important information about this release if you’re updating from major versions 5.x or 4.x, and see the full changelog below.



Compatible applications

In general, the latest version of Kantega SSO Enterprise is compatible with the oldest version that has not been ended of life. See Atlassian’s End-of-life (EOL) policy to get an overview of versions and EOL dates.


Compatible from Server version

Compatible from Data Center version


Compatible from Server version

Compatible from Data Center version














Changes in 6.7.1

Mar 2, 2023 11:30 CET
Fallback SAML/OIDC username attributes, improvements and bug fixes


  • SAML OIDC You may now configure up to three user lookup attributes. This way, you may have some users that are are looked up with the email claim which is present in the federated response. For other users, you may configure another attribute like for instance upn, and they will be looked up by upn when the email claim was not present.


  • update of config Now you will get a proper error message if config update fails due to missing write permissions to the home directory for the Jira / Confluence etc. process in the system.

  • saml oidc Authenticated anonymous browsing didn’t persist target URI / SAML relaystate, and lost deep links to items like Jira issues or Confluence pages. Instead the anonymous user was only redirected to the root page. Now deeplinks are kept also for authenticated anonymous users.

Bug fixes

  • user cleanup Scheduled run of User Cleanup didn’t trigger due to a state error which resolved the job as run before it had run.

  • SAML OIDC Fix bug in the new username attributes feature from version 6.7.0

  • SAML OIDC Auto create groups in group memberships on Just-in-time provisioning created groups even when only run in test login.

  • kerberos User transformations gave an error message for regular expressions even when nothing is wrong.

Changes in 6.7.0

Feb 20, 2023 17:00 CET

Fallback SAML/OIDC username attributes and user cleanup fixes

The features in 6.7.0 were withdrawn from marketplace due to a bug in the new feature, and made accessible again in 6.7.1.