Permissions
To use the app’s full potential and read as well as edit user data, Azure AD Attributes Sync for Jira requires a set of
Azure AD permissions. However, if you plan on using only some of the app’s functionalities, the permissions can be adjusted at any moment by the Azure AD admin.
During the first Azure AD Attributes Sync for Jira configuration, you’ll have to accept all the permissions to establish the connection between Azure Active Directory and the app. However, after that you can update the permissions according to your preferences. You’ll find the instruction on how to do that along with the permissions’ description in the further part of this chapter.
Update permissions in Azure AD
Steps
Here is how to update the permissions in Azure AD:
- In Azure AD, go to Enterprise Applications.
- Choose Azure AD Attributes for Jira.
- Go to Permissions.
- Click Grant admin consent for the directory.
- Click Accept.
Permissions’ details
The app will ask you to configure the list of permissions according to your preferences. Below, you’ll find them in the same order as they appear in the app, along with
short descriptions explaining what each permission is for and what will happen if you turn it off:
- User.Read permission is required to add the app to the directory, which makes it essential for the app’s key features to work.
- Application.Read.All permission is necessary to display Azure AD custom user attributes in Jira fields.
- Device.Read.All permission is necessary to synchronize information about devices assigned to the users.
- Group.Read.All permission is necessary to synchronize information about licenses assigned to the users.
- RoleManagement.Read.Directory permission is necessary to display groups and roles.
- User.Read.All permission is necessary to read user details, which makes it another essential permission for the app’s key features to work.
- User.ReadWrite.All permission is necessary for the Azure AD Sync - Update user’s attributes in Azure AD post function to work (you won’t be able to edit user information without this permission), but other app features will work properly.
Permissions for the newest app version don’t automatically show on the permissions list in the app. They’ll appear when the admin uses the Grant admin consent button.
You can revoke permissions individually by selecting Revoke Permission from the three dots menu next to the permission you wish to cancel.
If you can’t find the answer you need in our documentation, raise a support request.