Integrate Intune security in mobile app policy
You can use Microsoft Intune to manage the security of Atlassian mobile apps, such as Jira and Confluence. This is useful when you use bring-your-own-device (BYOD) policies.
Microsoft Intune MAM (Mobile Application Management) allows organizations to manage and secure corporate data within mobile applications, without requiring control over the entire device. You can centrally administer your organization’s mobile app security settings, and manage policies for the same app across different user groups.
Who can do this? |
Before you begin, make sure you have:
An Atlassian Guard subscription
Admin access to Microsoft Entra and Microsoft Intune
Create an Intune mobile app policy
To create an Intune mobile app policy:
admin.atlassian.com に移動します。 複数の組織がある場合は、対象の組織を選択します。
[セキュリティ] > [モバイル アプリ ポリシー] の順に選択します。
Select Use an Intune policy instead.
Or, if you have a mobile policy, select More actions (…) > Add Intune mobile policy.
ポリシーに含めるアプリを選択します。
Select Create policy.
After you create the Intune policy in Atlassian, you need to set up the integration with Microsoft Intune.
Integrate Atlassian mobile app with Intune
To see an Atlassian mobile app in Microsoft Entra, you need to complete the login flow on your mobile device. The Entra enterprise application for the app will only appear in Entra after you’ve gone through this process.
To register the Atlassian mobile app:
Download and install the Atlassian mobile app (such as Jira Cloud or Confluence Cloud) on your mobile device.
Open the app and select Log in.
Enter your work email address and follow the prompts to sign in with your Microsoft account.
If prompted, install the Intune Company Portal app (for Android) or Microsoft Authenticator app (for iOS).
Complete the sign-in process and any required authentication steps.
After you finish logging in, the Atlassian mobile app appears as an enterprise application in Microsoft Entra. You can then return to the Entra admin center to assign users and configure policies for the app.
Configure permissions in Microsoft Entra
To configure security permissions for Atlassian mobile apps you need to:
grant admin consent for permissions in Microsoft Entra
set up the app protection policies
Grant admin consent for permissions
You need to grant admin consent for Atlassian mobile apps in Microsoft Entra before users can access them with Intune policies. Consent must be granted for every Entra domain that is in use and claimed in your Atlassian organization.
To see the domains that you verified for this organization:
admin.atlassian.com に移動します。 複数の組織がある場合は、対象の組織を選択します。
Select Settings > Domains.
To grant admin consent for permissions:
Go to entra.microsoft.com and sign in with your Microsoft admin account.
Select App registrations, then New registration.
Select the text link, Enterprise applications, in this text: “Register an app you’re working on here. Integrate gallery apps and other apps from outside your organization by adding from Enterprise applications.”
4. In the list of applications, search for Confluence Cloud by Atlassian or Jira Cloud by Atlassian. Application IDs for these are:
Confluence Cloud by Atlassian:
6337eee3-da0f-4c22-a340-9b72146c78ffJira Cloud by Atlassian:
def4cf53-d350-4ec9-b39e-96cd612c301e
5. Select the app you want to configure.
6. Select Permissions, then select Grant admin consent.
Repeat these steps for each Entra domain that is in use and claimed in your Atlassian organization.
Set up app protection policies in Intune
You can use Intune to create app protection policies for Atlassian mobile apps. Make sure you have the required permissions in Microsoft Intune before you begin.
To set up app protection policies:
Go to intune.microsoft.com and sign in with your admin account.
Select Apps > Protection > Create.
3. Choose either Android or iOS/iPadOS.
4. In the Apps section, navigate to Select custom apps.
5. Enter the package ID (for Android) or bundle ID (for iOS) for the Atlassian app you want to protect, then select Add.
6. Choose the package or bundle ID from the list, then select Select.
7. Confirm that the package or bundle ID appears under Custom apps.
8. Refer to Intune support documentation to complete this setup.
Identifier IDs for target apps
Required package or bundle IDs you’ll need to enter in Intune to target the app with your policy.
Target app | プラットフォーム | Identifier type | ID |
|---|---|---|---|
Jira Cloud | Android | Package ID | com.atlassian.android.jira.core |
Jira Cloud | iOS/iPadOS | Bundle ID | com.atlassian.jira.app |
Confluence Cloud | Android | Package ID | com.atlassian.android.confluence.core |
Confluence Cloud | iOS/iPadOS | Bundle ID | com.atlassian.confluence.app |
Re-log into the mobile app
After you complete the setup, you need to re-log into your Atlassian mobile app to access your organization’s content.
To re-log into the mobile app:
Open the Atlassian mobile app on your device.
Sign out if you are currently logged in.
Sign in again with your work account.
Follow any prompts to complete authentication.
After you have logged in again, you will have access to all content in your organization.
Manage Intune mobile app policies in Atlassian
A mobile app policy allows you to integrate your organization’s Intune security settings with Atlassian mobile apps. When you link Intune’s security settings to your mobile app policy, you can apply your security standards to Atlassian apps across your organization.
Edit an Intune mobile app policy
To edit an Intune policy:
admin.atlassian.com に移動します。 複数の組織がある場合は、対象の組織を選択します。
Select Security > Mobile app policies.
For the Intune policy you’d like to edit, select More actions (…) > Edit.
Delete an Intune mobile app policy
To delete an Intune policy:
admin.atlassian.com に移動します。 複数の組織がある場合は、対象の組織を選択します。
Select Security > Mobile app policies.
For the Intune policy you’d like to edit, select More actions (…) > Delete.
制限事項
Atlassian mobile apps do not support this setting: Start Microsoft Tunnel connection on app-launch
この内容はお役に立ちましたか?