Apps documentation
Azure AD Attributes for Jira
Azure AD Attributes for Jira
Documentation
FAQ
Release notes
Last updated Jun 28, 2024

Permissions


To use the app’s full potential and read as well as edit user data, Azure AD Attributes Sync for Jira requires a set of Azure AD permissions. However, if you plan on using only some of the app’s functionalities, the permissions can be adjusted at any moment by the Azure AD admin.

Note

During the first Azure AD Attributes Sync for Jira configuration, you’ll have to accept all the permissions to establish the connection between Azure Active Directory and the app. However, after that you can update the permissions according to your preferences. You’ll find the instruction on how to do that along with the permissions’ description in the further part of this chapter.

Update permissions in Azure AD

Steps

Here is how to update the permissions in Azure AD:

  1. In Azure AD, go to Enterprise Applications.
    Go to Enterprise Applications
    Enterprise Applications
  2. Choose Azure AD Attributes for Jira.
    Azure AD Attributes for Jira
    Enterprise Applications
  3. Go to Permissions.
    Go to Permissions
    Enterprise Applications
  4. Click Grant admin consent for the directory.
    Grant Admin Consent
    Enterprise Applications
  5. Click Accept.

Permissions’ details

The app will ask you to configure the list of permissions according to your preferences. Below, you’ll find them in the same order as they appear in the app, along with short descriptions explaining what each permission is for and what will happen if you turn it off:

  • User.Read permission is required to add the app to the directory, which makes it essential for the app’s key features to work.
  • Application.Read.All permission is necessary to display Azure AD custom user attributes in Jira fields.
  • Device.Read.All permission is necessary to synchronize information about devices assigned to the users.
  • Group.Read.All permission is necessary to synchronize information about licenses assigned to the users.
  • RoleManagement.Read.Directory permission is necessary to display groups and roles.
  • User.Read.All permission is necessary to read user details, which makes it another essential permission for the app’s key features to work.
  • User.ReadWrite.All permission is necessary for the Azure AD Sync - Update user’s attributes in Azure AD post function to work (you won’t be able to edit user information without this permission), but other app features will work properly.
Note

Permissions for the newest app version don’t automatically show on the permissions list in the app. They’ll appear when the admin uses the Grant admin consent button.

Note

You can revoke permissions individually by selecting Revoke Permission from the three dots menu next to the permission you wish to cancel.

Revoke Permission
Revoke Permission
Need help?

If you can’t find the answer you need in our documentation, raise a support request.