Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Interests
See all
Community resources
Top groups
Explore all groups
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Get started Tell me more
Atlassian Community about banner
4,558,888
Community Members
 
Community Events
184
Community Groups

User properties (=account details) from Atlassian Access

Edited
Robert Szabo
Robert Szabo Mar 23, 2020

Hi Guys,

is there a way to use the user attributes synced from Azure AD to Atlassian Access in Jira automaiton or JQL? (These user related information also known as account details in Jira cloud)

https://confluence.atlassian.com/cloud/user-provisioning-959305316.html?_ga=2.145284535.261953757.1584949045-1049788169.1564737779

You can update these user attributes from you identity provider:

  • Display name
  • Email address
  • Organization
  • Job title
  • Timezone
  • Department
  • Preferred language

 

I found some promising signs like reporter.properties expression in JQL or the smart values in the new automation, but I couldn't make use of them. 

https://support.atlassian.com/jira-software-cloud/docs/smart-values-users/

One use case would be to use the reporter's department attribute from AD to auto assign the issue.

Any help would be appreciated!

Robert

Answer
Watch
Like Kalin U likes this
2801 views

4 answers

1 accepted

1 vote
Answer accepted
Angélica Luz
Angélica Luz
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
Mar 26, 2020

Hello Robert,

Thank you for reaching out to Atlassian Community!

The fields mentioned in the documentation are specific for the identity provider, the fields and values won't be stored in Jira. With that said, currently, it's not possible to get this information to use on automation or to show on a JQL search.

There is an add-on that you can use to show this information on tickets:

 If you have any other questions, please let us know.

Regards,
Angélica

View More Comments
Robert Szabo
Robert Szabo Mar 26, 2020

Thanks for the answer!

In the meantime, I've learned that REST API calls from scripting applications (Scriptrunner, JMWE) can be a workaround.

Like Angélica Luz likes this
Richard Crampton
Richard Crampton Sep 23, 2021

Is this still the case with the updates to Automation?

Like
Kalin U
Kalin U
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Oct 21, 2021

@Robert Szabo Can you perhaps share more about it? I'm interested in accessing the Organization & Department's user property from Azure AD and based on that, set a value in Jira field using A4J (Automation for Jira).

I don't really want to use 3rd-party scripting apps at the time.

Like
Robert Szabo
Robert Szabo Oct 21, 2021

Hello @Kalin U ,

I'm sorry but I don't have any new information on this. I couldn’t get it to work at the time, but I haven’t looked at whether there’s any progress in that area since.

But if you find new information then please share it, I am interested :)

Robert

Like Kalin U likes this
Reply
3 votes
Darryl Lee
Darryl Lee
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
Mar 02, 2022

I know I'm necroposting, but I was excited to find this, and thought it *might* be useful:

If your IdP is properly syncing with Access (mine is not yet :-(, then you should be able to use the User Management REST API  to find Job Title and Department, which are the only attributes that currently can be synced.

I followed the directions to generate an admin API and then tested it thusly:

% curl -s -H "Authorization: Bearer YOURAPIKEY" https://api.atlassian.com/users/ACCOUNTID_YOU_WANT_TO_LOOKUP/manage/profile | jq .

Which returned:

{
    "account": {
    "account_id": "ACCOUNTID_YOU_WANT_TO_LOOKUP",
    "name": "John Doe",
    "nickname": "jdoe",
    "email": "jdoe@somecompany.com",
    "picture": "https://avatar-management--avatars.us-west-2.prod.public.atl-paas.net/default-avatar.png",
    "characteristics": {
    "not_mentionable": null
    },
    "account_type": "atlassian",
    "account_status": "active",
    "email_verified": true,
    "privacy_settings": {
        "name": "public",
        "nickname": "public",
        "picture": "collaborator",
        "extended_profile.job_title": "public",
        "extended_profile.department": "collaborator",
        "extended_profile.organization": "collaborator",
        "extended_profile.location": "collaborator",
        "zoneinfo": "collaborator",
        "email": "collaborator",
        "extended_profile.phone_number": "collaborator",
        "extended_profile.team_type": "private"
      }
   }
}

So in theory then, you could create an Automation webhooks call to extract things job_title or department

CAVEAT/WARNING

Admin API keys have read and write capabilities. Now, the Users API can't actually do much with Managed Accounts (maybe set location?), but there's a few other APIs that you probably don't want too many people to access. And since Automation doesn't have a way to hide/obfuscate API keys (in this case it would be in the Header), remember that any other Jira admins (or Project admins for project-based rules) would be able to see the key.

Reply
0 votes
schneich
schneich
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Mar 02, 2023 • edited

This might be related:

How to show additional information about users on ... - Atlassian Community

Tutorial: Azure Active Directory SSO integration with Atlassian Cloud - Microsoft Entra | Microsoft Learn

 

EDIT:  ... and there is the show stopper: [ACCESS-822] Support more synced attributes for SCIM User Provisioning - Create and track feature requests for Atlassian products.

Reply
0 votes
Darryl Lee
Darryl Lee Mar 02, 2022

I know I'm necroposting, but I was excited to find this, and thought it *might* be useful:

If your IdP is properly syncing with Access (mine is not yet :-(, then you should be able to use the User Management REST API  to find Job Title and Department, which are the only attributes that currently can be synced.

I followed the directions to generate an admin API and then tested it thusly:

% curl -s -H "Authorization: Bearer YOURAPIKEY" https://api.atlassian.com/users/ACCOUNTID_YOU_WANT_TO_LOOKUP/manage/profile | jq .

Which returned:

{
    "account": {
    "account_id": "ACCOUNTID_YOU_WANT_TO_LOOKUP",
    "name": "John Doe",
    "nickname": "jdoe",
    "email": "jdoe@somecompany.com",
    "picture": "https://avatar-management--avatars.us-west-2.prod.public.atl-paas.net/default-avatar.png",
    "characteristics": {
    "not_mentionable": null
    },
    "account_type": "atlassian",
    "account_status": "active",
    "email_verified": true,
    "privacy_settings": {
        "name": "public",
        "nickname": "public",
        "picture": "collaborator",
        "extended_profile.job_title": "public",
        "extended_profile.department": "collaborator",
        "extended_profile.organization": "collaborator",
        "extended_profile.location": "collaborator",
        "zoneinfo": "collaborator",
        "email": "collaborator",
        "extended_profile.phone_number": "collaborator",
        "extended_profile.team_type": "private"
      }
   }
}

So in theory then, you could create an Automation webhooks call to extract things job_title or department

CAVEAT/WARNING

Admin API keys have read and write capabilities. Now, the Users API can't actually do much with Managed Accounts (maybe set location?), but there's a few other APIs that you probably don't want too many people to access. And since Automation doesn't have a way to hide/obfuscate API keys (in this case it would be in the Header), remember that any other Jira admins (or Project admins for project-based rules) would be able to see the key.

View More Comments
Like
Reply

Suggest an answer

Log in or Sign up to answer
Identity Manager
Atlassian Access
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events

See all events