User Sync & Group Sync app syncs user and group information from Microsoft Entra ID (Previously known as Azure AD) to Jira, Confluence and Bitbucket. Users,
groups and directory details can by synced user group attributes. Sync can be performed manually, scheduled to run
after set time intervals, or during user login.
This way the administrator only needs to manage user accounts
in Microsoft Entra ID (Previously known as Azure AD). This reduces the administration time required to create users and groups in Atlassian modules such as
Jira, Confluence and Bitbucket.
Download And Installation
- Log into your atlassian instance as admin.
- Navigate to the settings menu and Click Manage Apps.
- Click on Find new apps .
- Locate miniOrange User and Group Sync app.
- Click Try free to begin a new trial or Buy now to purchase a license.
- Enter your information and click Generate license when redirected to MyAtlassian.
- Click Apply license.
1: Setup Microsoft Entra ID (Previously known as Azure AD)
- Log in to Microsoft Entra ID (Previously known as Azure AD) Portal
- Select Microsoft Entra ID ⇒ App Registrations. Click on New Application Registration.
- Assign a Name and choose the account type.In the Redirect Url, leave it blank and click on Register button.
- After Registration you can see the "Application ID" and the "Directory (tenant) ID". You will need both to
setup the Microsoft Entra ID (Previously known as Azure AD) in User Sync & Group Sync app.
- In the Left panel click on Certificates & secrets. click on the New client secret button. It will show you
the popup for adding a new client secret.
- Add "secret key" in the descripton and add expires in 1 year and click on Add button.Copy client secret keep
it handy it will reqired while Setup User Sync app.
- Select API permissions ⇒ Add a permission. Click on Microsoft Graph.
- Click Application permissions and Select below permissions
- Search for Directory and select the Directory.Read.All permission. Then search for user and
select User.Read.All
- After assigning permissions you have to click on Grant admin consent for Demo
2:
Setup User Sync & Group Sync app
- Open User Provisioning/Sync for Jira plugin configuration. Go to the Configuration tab.
Select Microsoft Entra ID (Previously known as Azure AD) from
the options.
- Fill in values according to the table below.
| App Name |
Enter unique name which you can identify in applist after configuration.
|
| Client ID |
Enter Microsoft Entra ID (Previously known as Azure AD) Application (client) ID which you will find in
overview page of the Microsoft Entra ID (Previously known as Azure AD) app.
|
| Client Secret |
Enter Microsoft Entra ID (Previously known as Azure AD) Client secret which were created while Setting up
Microsoft Entra ID (Previously known as Azure AD). |
| Tenant ID |
Enter Microsoft Entra ID (Previously known as Azure AD) Directory (tenant) ID which you will find in
overview page of the Microsoft Entra ID (Previously known as Azure AD) app.
|
| User Name Attribute |
Specify the attribute name where the username from Microsoft Entra ID (Previously known as Azure AD) will be stored. |
| Sync users from this group |
Provide a list of Microsoft Entra ID (Previously known as Azure AD) groups from which users will be synced |
| Set Scheduler Time Interval |
To synchronize user and group information automatically, choose the scheduler time
interval. |
- click on Save Settings
3: User Sync Settings
- Select the User Sync Settings tab from the left sidebar. Here you can configure different
settings about
user creation and updation.
- You can select the directory or can create a new one. Furthermore, you can choose from the following operations for provisioning users.
- You also have an option to set Default Project Lead and Default Component
Lead.
: Group Sync
Settings
- Select the Group Sync Settings tab from the left sidebar. Here you can configure different
settings about
group creation and group mapping.
- Here you can configure Default groups for new and all users.
- You can set Manual Group Mapping or On-The Fly Group Mapping.
1. Manual Group Mapping -
- Here you can manually map Bitbucket groups with the groups from IDP.
- You can also configure to import IDP groups, filter groups and whether to keep existing users or not.
2. On-The Fly Group Mapping -
- Here users will be assigned to groups in Bitbucket whose group name is the same as groups from IDP. If the
group doesn't exist in Bitbucket then it will be created.
- You can configure to keep the existing user groups, filter groups and apply regular expressions on the
groups.
5: Synchronization Process
- To perform user sync, click on the Synchronize option of your newly created app.
- When the synchronization is complete, you will be able to view newly created and updated user information in
Bitbucket User Management section.
6: Multiple IDPs
- The plugin allows for configuring SCIM provisioning on your SP (Service Provider) to accommodate your specific use case. To add another IDP, simply navigate to the "Configured IDPs" section. Select on Add new App to configure multiple provisioning connections.
