So we've integrated with Azure AD using SAML. I've created an AD group for all our JIRA users, and I've granted that group application access in JIRA. Users sync over to JIRA just fine, and they can log in.
The problem is they can't access anything after logging in. I have to manually go add them to the jira-software-users group before they can see any projects, tickets, etc. I can't find any way to either automatically assign the jira-software-users group for these synced users, or to grant my custom AD group the same permissions from jira-software-users. Once they are assigned to jira-software-users, they are able to access everything as I expect (per the in-place permissions of course).
In my searching, the only reference I can find is about the "jira-users" role in the Global permissions section, but I don't see that role in there at all. I'm guessing that was removed since 2015, because I can't find any newer instructions on this.
Does anyone have a way to either:
1. Automatically assign the jira-software-users group to new users synced from SSO?
2. Grant a custom group the permissions necessary to view projects/tickets, in effect making it like the jira-software-users group?
I'm specifically calling out JIRA here, but the same goes for our confluence users.
Hi @Chris Payne ,
I can confirm that this is something that you can achieve with Atlassian Access and Azure AD. It is part of the Provisionning feature, you can have a look at this tutorial from Microsoft on how to set it up : https://docs.microsoft.com/fr-fr/azure/active-directory/saas-apps/atlassian-cloud-provisioning-tutorial
Basically, this will give you an option to map your Azure AD groups to a default access group (giving access to Jira, Confluence, etc).
Let em know if this helps,
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event