Use Entra ID with Automation
This article refers to features that are currently rolling out. To find out when these features will be live on your site, keep an eye on our release notes or the Atlassian Community.
The Microsoft Entra ID integration with Automation is only available to Jira Service Management Cloud customers on Premium or Enterprise plans. Find out how to upgrade your plan.
You can connect your Microsoft Entra ID account with your project to automate the process of things like employee onboarding or managing permissions for teams.
To use these actions, you need to connect the Microsoft Entra ID app to Atlassian Automation. For most of the automation actions, you’ll get a connection setup message when you select them. Once the connection is established, you can automate actions and set up triggers based on Entra ID events, such as user added to a group or enable user in Entra ID.
The Send custom Entra ID request action has a different connection process (see details below).
You must be a Jira admin to connect Entra ID to Atlassian Automation.
Actions
Add user to group in Entra ID
You can use this action to add a user to a specific group in Entra ID.
Enter the following fields or select using smart values:
User ID: Enter the user ID you want to add in Entra ID.
Group ID: Enter the group ID.
Check if user is enabled in Entra ID
You can use this action to check if the user ID is enabled in a specific group in Entra ID.
Enter the following fields or select using smart values:
User ID: Enter the user ID you want to check in Entra ID.
Group ID: Enter the group ID.
Smart values
{{fetchedMicrosoftUser.accountEnabled}}– Returns the user ID of the account{{fetchedMicrosoftUser.userPrincipalName}}– Returns the user principal name for the user account.
Check if user is in group in Entra ID
You can use this action to check if a user belongs to the specified group in Entra ID.
Enter the following fields or select using smart values:
User ID: Enter the ID of user you want to check in Entra ID.
Group identifier type: Enter the type of field used to identify the group. For example, ID or group name.
Group identifier value: Enter the actual value or data corresponding to the selected Group identifier type. For example, if the Group identifier type is set to Group name, then the Group identifier value should be the actual name of the group.
Smart value
{{fetchedMicrosoftGroupMembership.result}} – Returns the result of this check action as true or false.
Enable user in Entra ID
You can use this action to check if a specific user is enabled in Entra ID.
Enter the following fields or select using smart values:
User ID: Enter the ID of user you want to check in Entra ID.
Get user details from Entra ID
You can use this action to retrieve the details about a specific user in Entra ID.
Enter the following fields or select using smart values:
User ID or user principal name: Enter the ID of user that you want to add to active directory. You can also use the user principal name for a user account, formatted as username@domain.com. This UPN is used for authentication and is typically set to match the user’s email address.
Smart value
{{fetchedMicrosoftUser}} – Returns the user ID.
Send custom Entra ID request
The Send custom Entra ID request action allows you to send a custom request to Entra ID using HTTP requests Get, Post, Put and Delete. This can be useful for automating a wide range of tasks beyond identity management. This action can be used with any valid Entra ID endpoints for scenarios where predefined actions cannot meet specific requirements.
Smart values
{{entra.response.body}} – Returns the response body.
{{entra.response.status}} – Returns the response status.
Register an app in Microsoft
Before creating a connection between your project and Entra ID, you need to register an app in the Azure portal.
Sign in to the Azure portal.
In the search bar, search for and select App registrations.
Select New registration.
Name the app and under Supported account types, select Accounts in this organizational directory only.
Under Redirect URI, select Web as the platform and enter
https://id.atlassian.com/outboundAuth/finishSelect Register.
Within the your new app registration, select Certificates & secrets, then Client secrets.
Select New client secret. This will generate a secret key which you will need when integrating your automation rule with Entra ID.
Integrate an automation rule with Entra ID
Each time you create a rule with the Send custom Microsoft Entra ID request action, you will need to create a connection using the details you received when you completed the app registration in Entra ID.
Before you begin
Add the permissions you need in the Azure portal.
All requests require the following permission as a minimum: user.read.all
From your service project, select Project settings, then Automation.
Select Create rule.
Create your rule using the Send custom Microsoft Entra ID request action.
When prompted to connect to Entra ID, select Connect.
Complete the form – name the connection and fill out the rest of the fields with the details you received when you registered the app in Entra ID.
Add the same permissions you added in the Azure portal.
Select Connect.
You will be taken to Microsoft to authorize the connection. Select Accept.
You’ll be taken back to Automation to complete the connection:
Enter the request path for the action. This consists of the API version and the endpoint, for example:
v1.0/me. Read more about Microsoft request paths.Choose the HTTP method.
Choose web request body…
Select Next.
Was this helpful?