Hi we are explaoring a way to auto-provision access to various app as soon as a request is created with the help of Jira automation, but havent found a way around this. Does anyone know how to connect this either via API or some other means
Welcome to the Atlassian developer community @AditiSolanki,
Can you clarify the concept of “provision” in your context? Do you mean you want to use Automation to automatically install apps from Marketplace?
Hi @ibuchanan, Thanks!
To answer your question, we plan to integrate EntraID with Atlassian with the help of automation (calling Rest API) which can assign groups/role assignments based on the request type.
I see. Let me play that out as an example, please correct me if I’m wrong. A user wants to access Confluence Cloud. They open a JSM support request. You want to automate putting that user into the right group so they get Confluence Cloud.
Here’s what I would recommend. You should connect Microsoft Entra ID (I just learned this is the new name for Microsoft Active Directory) to Atlassian Access as an IdP. You will need to create (or map) “default groups” in Entra ID for Jira & Confluence users. When the user should be provisioned to Confluence, for example, you would add the user to the “confluence users” group. Bottom line, Entra ID is the source of truth for user provisioning to Atlassian products.
Then layer on the JSM requests. The role of Automation is to tell Entra ID to add a user to a group.
There is a Cloud Admin API for adding a user to a group. However, I don’t recommend this when your source is already an IdP with a known path of integration to Atlassian.