Kantega SSO EnterpriseInternet Information Services (IIS)

Internet Information Services (IIS)

Please refer to Atlassian documentation on configuring IIS as a reverse proxy.


Also, you should navigate to the IP restrictions page in the Kerberos menu and set the correct way of seeing the correct IP:

Getting Kerberos to work on IIS

You should at least disable Windows Authentication for your site to allow Kerberos to work.

SAML: Redirection to identity provider fails with 404

If IIS is being used as a reverse proxy and you're getting 404 when trying to log in with SAML, IIS could be rewriting the identity provider redirect URL to point back to the Atlassian application. An example using ADFS, the browser is redirected to 


instead of 


If this is happening, check any Rewrite rules for IIS and ARR. Then ensure "Reverse rewrite host in response headers" is disabled: Select the IIS server, open the Application Request Routing Cache pane, then select Proxy Settings from the right menu.