Apps documentation
Azure AD Attributes for Jira
Azure AD Attributes for Jira
Documentation
FAQ
Release notes
Last updated Sep 11, 2024

Connecting app to Azure AD

Learn how to synchronize Azure AD Attributes Sync and Azure Active Directory (AD)

Connecting Jira internal directory to Microsoft Azure Active Directory allows you to match user accounts, so that their Azure AD attributes can be displayed in Jira and on the Customer portal.

Obtaining a Tenant ID value from your Azure Active Directory instance is the first step to do that. Below, you’ll find instructions on how to do it.

Tenant ID

Steps

  1. Go to portal.azure.com.
  2. Select Azure Active Directory.
    Jira Active Directory integration with Azure AD Attributes - Jira connecting to an LDAP to synchronize user accounts
    Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD
  3. In the Overview section navigate to Basic information and copy the Tenant ID value.
    Jira Active Directory integration with Azure AD Attributes - Jira connecting to an LDAP to synchronize user accounts
    Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD

Results

Tenant ID has been copied.

In the next part of this chapter, you’ll learn how to use it to connect the Azure AD Attributes Sync for Jira app with Azure Active Directory portal.

Connecting the app to Azure Active Directory

Warning

We’ve updated the authorization logic. Make sure to follow instruction below, to gain benefits of the new solution.

Benefits of the new authorization logic

With the introduction of the automatic authorization method, we can distinguish several advantages over the previous, manual authorization logic:

  • Increased safety: The new automatic authorization method enhances the security of your Jira Cloud and Microsoft Azure integration. By leveraging modern authorization protocols and mechanisms, it provides a robust and secure framework, mitigating potential vulnerabilities and safeguarding sensitive data.
  • No manual API permissions: With the new method, the cumbersome task of manually setting API permissions is eliminated. The automatic authorization streamlines the configuration process by handling the necessary permissions and access controls automatically. This saves time and effort for administrators, ensuring a smoother integration experience.
  • Elimination of authorization key copying: The new method removes the need to manually copy authorization keys between Jira Cloud and Microsoft Azure AD. It simplifies the setup process, reducing the chances of errors and minimizing potential security risks associated with manual key handling. This simplification promotes a more efficient and hassle-free integration workflow.
  • Elimination of the client secret: New method completely removes the need of generating the client secret. You no longer have to worry about the expiration date of the client secret.
Info
  • After updating the authorization method, the app will be added to the Enterprise applications list; the application list under App registrations will remain the same.
  • Updating the authorization method doesn’t affect the previously registered app. The new app will be used for synchronization, and the old one may be deleted.
  • Updating the authorization method doesn’t affect end-users in any way.

Connecting for the first time

Steps

To connect Azure AD to Jira:

  1. In Jira, navigate to Jira settings > Apps.

  2. In the Azure AD Attributes section, click Configuration.

  3. Click Add directory

    Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD

  4. Type in the directory name, provide primary domain, or tenant ID and click Generate authentication link

Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD
  1. Follow the newly generated link, to authorize the app in the Azure Active Directory. If you are not an Azure AD admin, provide this link to a proper person.
    Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD

Note

Note that the app will ask you to configure Azure AD permissions. Here you can learn the details about them.

Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD
  1. The link will take you (or the Azure admin) to the authorization site in the Azure Active Directory. To finish the authorization process click Accept.
Info

Clicking Accept on the Microsoft Azure side will result in the installation of our app on the Azure instance. It will be visible in the Azure Enterprise applications section. This is a proper behavior for all marketplace apps.

Results

The Azure AD Attributes Sync for Jira app is connected to Microsoft Azure Active Directory.

Quick Guide

Click through the live demo to see how to connect the app to Azure AD.

Updating connection (connection created before 10.07.2023)

Warning

As the manual authorization method has been deprecated, if a connection was created before 10th July 2023, you will have to update your authorization method.

If you don’t update your method now your connection won’t stop running and data will continue to be exchanged between Jira and Azure Portal, still we strongly recommend updating the authorization method now, for safer and more efficient process.

To update the authorization method:

Steps

  1. In Jira, navigate to Jira settings > Apps.
  2. In the Azure AD Attributes section, click Configuration.
  3. Click Update authorization
  4. Confirm the directory by providing a tenant ID and clicking Generate authentication link
  5. Follow the newly generated link, to authorize the app in the Azure Active Directory. If you are not an Azure admin, provide this link to a proper person.
  6. The link will take you (or the Azure admin) to the authorization site in the Azure Active Directory. To finish the authorization process click Accept.
Info

Clicking Accept on the Microsoft Azure side will result in the installation of our app on the Azure instance. It will be visible in the Azure Enterprise applications section in Azure Portal. This is a proper behavior for all marketplace apps.

Tip

You can try the live demo below to click through the new setup.

Results

The authorization method has been updated.

Multiple directories

You can include more than one Microsoft Azure directory.

Info

Multiple directories feature follows the logic described below:

  • Application searches all directories for a user with selected attributes, starting with the topmost directory on the list
  • Application fetches the data from the first directory that contains given user
  • Application stops searching the directories at the moment of the first successful mapping
  • All authorized directories share the same configuration

Steps

  1. Navigate to Jira settings > Apps.

  2. In the Azure AD Attributes section, click Configuration.

  3. Click Add directory.

    Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD

  4. Type in the directory name, provide primary domain or Tenant ID of your Azure instance.

  5. Click Generate authorization link

    Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD

  6. Follow the newly generated link, to authorize the app in the Azure Active Directory. If you are not an Azure admin, provide this link to a proper person.

  7. The link will take you (or the Azure admin) to the authorization site in the Azure Active Directory. To finish the authorization process click Accept.

Result

Additional directory has been added to list of your directories:

Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD

Note
  • You can rearrange the order of your directories with the drag and drop functionality
  • You can include up to 4 additional directories. After exceeding the limit of 5 directories, the Add directory option will become unavailable

Directories panel

Newly added directories will be visible in the directories panel.

There are two distinguishable directory statuses:

  • Active - when a directory has been configured properly and the synchronization is running
Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD
  • Inactive - when a user removes the app from the Azure Active Directory instance, when the user revokes the permission in the Azure Active Directory instance, or when the Azure Active Directory admin does not accept the authorization.
Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD

You can troubleshoot the inactivity issue by clicking on the generated link, to authorize app in the Azure AD again.

Removing directories

Steps

  1. In Jira, navigate to Jira settings > Apps.
  2. In the Azure AD Attributes section, click Configuration.
  3. Click on the bin icon next to the directory you wish to remove.
Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD
  1. Click Delete on the confirmation screen.
    Azure AD Attributes for Jira - Connecting Azure AD Attributes with Azure AD

Results

The directory has been removed. The synchronization of attributes will be stopped, but its configuration will remain intact.

Next up

Now that the connection between Azure AD Attributes Sync for Jira and Azure Active Directory has been established, the next step is to match the users between the platforms. The Matching users chapter provides detailed instructions.

Need help?

If you can’t find the answer you need in our documentation, raise a support request.