The first sign you might need Compass SAML is when you’re still chasing down old credentials in Slack threads at 9 p.m. You wanted single sign-on, not single source of confusion. Compass SAML exists to make identity flow cleanly across your systems, giving you centralized access control without the brittle mess of custom tokens or scattered role files.
Compass, as part of Atlassian’s developer experience suite, helps teams standardize their internal services and documentation. SAML (Security Assertion Markup Language) handles identity. When you connect Compass with SAML, you let your identity provider—say Okta, Google Workspace, or Azure AD—tell Compass who the user is. That means when an engineer opens a service catalog, every permission, audit entry, and group mapping is already enforced. It’s authentication and authorization in one clean handshake.
The logic behind Compass SAML is simple. The user attempts to sign in. The identity provider challenges and authenticates, then sends an assertion back to Compass. That assertion carries attributes like role, department, and group membership. Compass uses it to determine which services or components the user can view or edit. No separate passwords, no new auth stores, and no “oops, I forgot to deprovision that contractor’s account” moments.
For troubleshooting, remember this rule: if roles seem misaligned, check attribute mappings first. Most Compass SAML hiccups come from mismatched field names between your IdP and Compass. Also, rotate your signing certificates before expiration to avoid weekend lockouts.
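The attribute-mapping check described above can be scripted against a decoded assertion captured from a test login. This is an added example, not Compass or Atlassian code; the expected attribute names (`role`, `department`, `groups`) and the sample assertion are constructed assumptions.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Hypothetical attribute names the service provider mapping expects
# (assumed for this example; take the real ones from your SP configuration).
EXPECTED = {"role", "department", "groups"}

# Constructed sample assertion fragment, as an IdP might send it.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:AttributeStatement>
    <saml:Attribute Name="Role">
      <saml:AttributeValue>admin</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="department">
      <saml:AttributeValue>platform</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute Name="memberOf">
      <saml:AttributeValue>sre</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

def assertion_attributes(xml_text):
    """Return {attribute name: [values]} from a decoded SAML assertion."""
    root = ET.fromstring(xml_text)
    attrs = {}
    for attr in root.iterfind(".//saml:Attribute", NS):
        values = [v.text or "" for v in attr.iterfind("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs

def mapping_report(xml_text, expected=EXPECTED):
    """Compare attribute names sent by the IdP with the names the SP expects."""
    sent = set(assertion_attributes(xml_text))
    missing = expected - sent
    # A name that differs only by case is easy to miss by eye.
    case_only = {e: s for e in missing for s in sent if e.lower() == s.lower()}
    return {
        "matched": sorted(expected & sent),
        "case_mismatch": case_only,
        "missing": sorted(missing - set(case_only)),
        "unmapped": sorted(sent - expected - set(case_only.values())),
    }

if __name__ == "__main__":
    print(mapping_report(SAMPLE_ASSERTION))
```

The script inspects attribute names only; it does not validate the assertion's signature or conditions, so use it for mapping diagnostics on your own test logins, not as an acceptance check.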
Benefits of Compass SAML integration:
- Centralizes identity and access control under one policy framework.
- Reduces onboarding friction since new engineers log in with existing SSO credentials.
- Improves audit compliance with SOC 2 and ISO 27001 requirements.
- Cuts off ghost accounts automatically when identities are disabled upstream.
- Speeds incident response because logs tie actions directly to verified identities.
The daily developer experience gets quieter. You spend less time requesting access and more time building. Compass SAML pushes identity logic out of your code and into infrastructure control, where it belongs. Faster onboarding, consistent permissions, fewer “who approved this” mysteries.
Platforms like hoop.dev turn those identity rules into guardrails that enforce policy automatically. Instead of relying on each developer to get SAML right per service, hoop.dev makes authentication and authorization part of the environment itself. It’s a future-friendly way to extend the same secure patterns across internal tools, staging systems, and sandbox clusters.
How do I connect Compass SAML to my identity provider?
In Compass, enable SAML under authentication settings, then provide the SSO URL and certificate from your IdP. Test using a non-admin account to confirm attribute mapping. Once verified, enforce SAML-only login and review Compass roles for parity.
Why use Compass SAML instead of OIDC?
SAML still wins in enterprise environments with older IdP setups, while OIDC suits modern, API-driven apps. For service catalogs and internal dashboards like Compass, SAML fits neatly with enterprise identity stores and compliance workflows.
Compass SAML is less about technology and more about trust built into your workflow. When access is this predictable, teams move faster without cutting security corners.