Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions
Community
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions
Forums
Home Q&A Discussion groups Articles Ask a question Search
Learning Events Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Entra ID automation “Add user to group” fails for Group - consent error but permissions look granted

Xijie Yi
Xijie Yi
December 19, 2025

Hi everyone,

I’m testing Jira Cloud Automation actions with Microsoft Entra ID, following the Atlassian doc Use Entra ID with Automation | Cloud automation Cloud | Atlassian Support The “Check if user is in group in Entra ID” action works, but “Add user to group in Entra ID” fails consistently.

In Automation audit log, the “Add user to group in Entra ID” step fails with: “User consent is required for this component.” 

I checked the Atlassian enterprise app in Entra shows Graph permissions including GroupMember.ReadWrite.All and it’s granted via Admin consent. 

Any help would be appreciated. Thanks!

Answer
Watch
Like Susan Waldrip likes this
182 views

3 answers

2 votes
Zänkert_ Moritz
Zänkert_ Moritz
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 20, 2026

I was able to get this working successfully, but only after a few important adjustments on the Entra ID side.

In my case, the user account that is configured under “Connected to Entra ID” in the automation rule needed to have the required Entra permissions assigned permanently. The application permissions alone were not sufficient, and using PIM‑activated roles did not work for automation calls – the group write actions kept failing as long as the roles were only eligible/activated via PIM.

What finally worked was assigning the following Entra roles as permanently active roles to the service account:

  • User Administrator
  • Groups Administrator

After that, the automation was able to add users to Entra groups without any issues.

Another detail: I could only make the rule work when using the group ID as the Group identifier type. Using the group name consistently failed in my setup.

Maybe this helps others running into the same problem

Reply
1 vote
Marc -Devoteam-
Marc -Devoteam-
Community Champion
December 20, 2025

Hi @Xijie Yi 

Have you gone over all prerequisites on both Jira and MS side?

Are all permissions set correctly and has the user executing the automation also the correct permissions?

Reply
1 vote
Tomislav Tobijas
Tomislav Tobijas
Community Champion
December 20, 2025

I've been trying to find the time to test this integration, but it wasn't a priority, so I didn't have a chance yet 👀

Based on the documentation you've also linked, what you could do is:

  • Double-check that the Atlassian app in Entra ID has all required permissions
  • If you have only granted admin consent, try having a user (with sufficient privileges) log in and explicitly grant consent for the app (like some other Jira and Entra admin)

There's also an official article: Third-party applications that connect to Automation, which ultimately directs you to the article you've mentioned. 

I do manage parts of Entra that are related to Atlassian in our environment, but I've never go in details when it comes to Microsoft Graph 🤔

Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Management
Jira Service Management
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2026 Atlassian
    Privacy Policy Notice at Collection Terms Security