Just a heads up: On March 24, 2025, starting at 4:30pm CDT / 19:30 UTC, the site will be undergoing scheduled maintenance for a few hours. During this time, the site might be unavailable for a short while. Thanks for your patience.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Connecting JIRA to Azure AD

Vilas Torgal
Vilas Torgal
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 26, 2014

Hi, We are exploring an option of installing the JIRA on one of our Azure servers and then connecting it to our corporate Azure Active Directory.

Appreciate any help in how to implement connecting JIRA to azure AD and with some inputs/pointers on way forward.

are there any readily available plugins for this purpose?

Answer
Watch
Like # people like this
38206 views

10 answers

1 accepted

5 votes
Answer accepted
Jeevan Desarda
Jeevan Desarda
Contributor
February 16, 2018

Microsoft has just released the FREE SAML single sign on plugin for our mutual customers. You can download the plugin from Microsoft Download Center and then use Azure AD JIRA app to connect with it. You can see the complete documentation from here and then use single sign on for it. 

Feel free to write back to us on our alias if you face any issues. 

Thanks.

FREE Plugin : https://www.microsoft.com/en-us/download/details.aspx?id=56506 

Documentation: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-jiramicrosoft-tutorial

View More Comments
john morrissey
john morrissey
Contributor
March 22, 2018

@Jeevan Desarda or @anyone 

do you know if the plugin available from MS will work with Jira installed on a *nix machine?  I'm trying to upload it but it keeps failing.  The MS doc states Jira has to be installed on a 64bit Windows OS but figured I'd ask if you had any experience

Like Pardip bhogal likes this
Andrew Best
Andrew Best June 11, 2018

Hi @john morrissey

The JIRA AAD plugin worked on Ubuntu LTS without any problems I could see.

I saw the same upload problem with the Confluence plugin MS offer for AAD. I found a work around by having the page download the plugin file from a web server instead of uploading from my local machine. Seemed to do the trick to get it installed. The confluence plugin broke more generally at this point and we couldnt complete its configuration in our tests.

I know that @Jeevan Desarda is working on some updates for the JIRA and confluence plugins at the moment to address version currency and some issues I opened with MS about them.

Like
gmrizzo
Giuseppe Rizzo July 31, 2018

I also installed the plugin on Ubuntu LTS without any problems. But there is a problem when using the plugin behind a reverse proxy. 

Confluence and Jira are installed as specified in the documentation.

Jira/Confluence <- HTTP -> Apache Reverse Proxy <- HTTPS -> Client

The generated urls for the identifier, the reply url and the sign on url are only http but https is required.

I'm currently in contact with microsoft to find a solution on this.

Maybe someone has an idea. 

This is just for your information.

Like
Maksim Skutin
Maksim Skutin August 8, 2018

 

@gmrizzo have you ever managed to find a solution?

Like
gmrizzo
Giuseppe Rizzo August 8, 2018

Hey @Maksim Skutin

not yet. I'm trying to work out a solution together with the support.

The issue is that the plugin tries to identify the url by itself. So it only gets the internal not encrypted url of jira.

Maybe a solution is to also enable SSL between jira and the apache reverse proxy. 

I will provide here more information when the time comes.

Like
Maksim Skutin
Maksim Skutin August 8, 2018

Hey @gmrizzo, how do you think, would it be possible to open public ticket for you?

Maybe a solution is to also enable SSL between jira and the apache reverse proxy. 

Actually this could be a reason.

Like
gmrizzo
Giuseppe Rizzo August 9, 2018

I thought about it but I didn't knew where to create the ticket.

Thank you for the link.

Like
gmrizzo
Giuseppe Rizzo April 24, 2019

@Maksim Skutin 

I don't know if this is anymore relevant but I will post my success for anyone having the same problem. 

Microsoft provided us with the updated version of the plugin with a well documented setup process. My fault was the missing "secure" attribute at the connector in the server.xml. After setting this according to the documentation to true everything worked fine.

https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/jiramicrosoft-tutorial 

I hope it helps someone.

Like # people like this
Maksim Skutin
Maksim Skutin April 24, 2019

@gmrizzo, thanks for the update!

Like
divya kaul
divya kaul
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 3, 2019

For the https in the JIRA URLs instead of http, make sure to have secure=true in the server.xml. 

Like
Dawn Fama
Dawn Fama
Contributor
January 22, 2020

Does anyone see an advantage to the paid Kantega add on vs the free MS Azure SSO ad on?

Like
Reply
1 vote
Richa Pathak
Richa Pathak
Contributor
October 30, 2019

Hi @Jeevan Desarda

 

I have tried installing Microsoft plugin on Jira and I am facing the same issue, The generated urls for the identifier, the reply URL and the sign-on URL are the only HTTP but https is required.

My jira is behind proxy and server.xml does have the secure= true entry but it' still not working.

is there any other solution for this problem?

 

Thanks:

Richa Pathak

View More Comments
gmrizzo
Giuseppe Rizzo October 30, 2019

Hey @Richa Pathak,

is your scheme setup HTTPS? I had the same issues configuring the plugin, my issue was a typo in the settings. 

https://docs.microsoft.com/de-de/azure/active-directory/saas-apps/jiramicrosoft-tutorial#configure-jira-saml-sso-by-microsoft-sso

Like Richa Pathak likes this
Richa Pathak
Richa Pathak
Contributor
October 30, 2019

Hi @gmrizzo

I also had typo in the settings. Thanks very much. It really helped! :)

Thanks:

Richa Pathak

Like # people like this
gmrizzo
Giuseppe Rizzo October 30, 2019

You're welcome

Like
Richa Pathak
Richa Pathak
Contributor
November 1, 2019

Hi all,

 

I made some progress and was able to successfully connect with SSO, however, every signed in user requires to be in Jira internal directory, is this the only option?

How can I make sync in place so that a user will get automatically created in Jira if it does exist in Microsoft Azure AD?

Any suggestions?

Like M Amine likes this
Reply
1 vote
Jira Administrator
Jira Administrator
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 13, 2017

It looks as though Microsoft is offering that connection now. 

https://azure.microsoft.com/en-us/marketplace/partners/atlassian/atlassiancloud/

I haven't tried it yet and was browsing here in the group to see if anyone else has connected to it. I am curious if everyone connected via Azure has to be a paid user, or if some can be paid users and other customers. 

Thanks

Russell Stanford

View More Comments
Jeevan Desarda
Jeevan Desarda
Contributor
February 16, 2018

Yes, we have ton of customers who are using Atlassian Cloud app to connect with JIRA on Cloud. This application on Azure AD app gallery is developed along with Atlassian team. So feel free to use it. 

This app is also available for FREE Azure AD customers and you can use it for all the organization users.

Like
Reply
1 vote
Jorge Pires
Jorge Pires
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
April 2, 2014

Have you been able to get a reply on this so far?

View More Comments
Jeevan Desarda
Jeevan Desarda
Contributor
February 16, 2018

Microsoft has just released the FREE SAML single sign on plugin for our mutual customers. You can download the plugin from Microsoft Download Center and then use Azure AD JIRA app to connect with it. You can see the complete documentation from here and then use single sign on for it. 

Feel free to write back to us on our alias if you face any issues. 

Thanks.

FREE Plugin : https://www.microsoft.com/en-us/download/details.aspx?id=56506

Documentation: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-jiramicrosoft-tutorial

Like M Amine likes this
Reply
0 votes
Robin Peters
Robin Peters
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
March 15, 2019

Hi friend,

I connected the Azure AD through the microsoft addon and it works nice.
But I still have to create the user first to internal jira directory otherwise I get "User is not available". Is there a way to create all users automatically? Or do I have to setup a user directory?
How to configure the user directory sync for the azure ad?

View More Comments
Erick Grimmer
Erick Grimmer April 23, 2019

I would like to know more about this as we are considering switching to Jira Service Desk. If we have to manually send an invite every time we have a new employee come on board before they can submit requests that is a deal breaker. 

Like
Russell Stanford
Russell Stanford
Contributor
April 23, 2019

We use the Azure AD SAML method to add users. You have to add them to the Azure AD enterprise application. They then appear in the list of users, or portal only users. When they sign in with their office 365 credentails + 2FA (if any) their account is linked to Jira. 

Like # people like this
Christian Wiemer
Christian Wiemer April 30, 2019

Hi Russel,

we setted up a test-connection between azure ad and Jira with the article discribed above (https://docs.microsoft.com/de-de/azure/active-directory/saas-apps/jiramicrosoft-tutorial)

Unfortunately it doesn't paste the Azure Ad user to jira on it's own, we have to create it manualy in the jira user directory (also with password details, which is a no-go in corporate use). 

If I understand you correct, your userdata from the Azure Ad is directly transfered to jira and then ready to use for all office365 users. Could you point out, how you made this happen.

Thx

Like
gmrizzo
Giuseppe Rizzo April 30, 2019

This would interest me too. Currently we need to add the users manually to JIRA user directory. An automatic transfer or setup at first login for the allowed users in the Azure AD enterprise application would be much appreciated. 

Like
Dawn Fama
Dawn Fama
Contributor
June 7, 2019

Rizzo, 

By chance do you connect JIRA with your company Active Directory? 

We are using the MS add on with JIRA and an Azure Proxy.  On Azure SSO there is a user claims section,  Make sure the user attributes match.

Also in JIRA manage add on for the microsoft add on, under SAML UserID Location

we chose 

User ID is in an Attribute element and entered sAMAccountName

Like
gmrizzo
Giuseppe Rizzo June 11, 2019

@Dawn Fama Did you mean by connecting JIRA to my company Active Directory to setup the AD as a user directory? We only use the AD inside the Azure Cloud with the DC service. From my knowledge there is only read access from the LDAPs interface available.

I don't get the second part of your comment. What do you mean with an Azure Proxy and where do I find the "user claims" section inside the Azure Portal?

Thanks in advance and for you effort 

Like
Dawn Fama
Dawn Fama
Contributor
June 11, 2019

We had a need to have JIRA accessible outside our network for mobile devices.  We don't have JIRA configured in the DMZ only on an internal server so our option was to have an Enterprise application configured in Azure.  We are using Azure as a proxy back into our network. 

Our JIRA instance has a user directory connectors configured using delegated LDAP Authentication.

In the User Schema settings there is an option for User Object Filter, we have this set to only look for users within a particular domain security group, this is so JIRA doesn't pull in the entire company domain.

I believe the user schema settings in JIRA have user attributes which need to match the same user attributes and claims on Azure.

Those were in the Single Sign On section

Like
Reply
0 votes
Lars Olav Velle
Lars Olav Velle
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 19, 2017

You can use SAML. This works with both premium and basic version of AZURE:

https://marketplace.atlassian.com/search?query=kantega

Reply
0 votes
Bruno Vincent
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 2, 2017

Hello everyone,

I guess some of you will be interested in ODCC, a new plugin for Crowd: https://www.cleito.com/products/odcc/

(It is also available on Atlassian Marketplace at https://marketplace.atlassian.com/plugins/com.cleito.odcc/server/overview)

ODCC stands for Office 365 Directory Connector for Crowd. It allows you to add your Office 365 / Windows Azure Active Directory to Atlassian Crowd as if it were a standard LDAP directory.

You can see it in action here:

https://youtube.com/watch?v=SH8R_emN43U

(Disclaimer: I work for the vendor of this plugin)

View More Comments
Russell Stanford
Russell Stanford
Contributor
April 19, 2017

Nice, but it doesn't work for the cloud version of Atlassian. For cloud version you will have to have a Google Suite account or what @Lars Olav Velle mentions below. 

Like
Bruno Vincent
Bruno Vincent
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 19, 2017

@Russel Actually as far as I know (@Lars, please correct me if I'm wrong), Kantega's plugin is for server edition only so this won't work for Atlassian Cloud neither. But yes, SAML is the way to go for Atlassian Cloud and Atlassian has just launched a public beta for it: https://confluence.atlassian.com/confeval/other-atlassian-evaluator-resources/does-atlassian-cloud-support-saml

Like
Lars Olav Velle
Lars Olav Velle
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
April 19, 2017

We only support server edition due to technical limitations. If you are using JIRA cloud, then I`d check out the link @Bruno is referring to.

Like
Russell Stanford
Russell Stanford
Contributor
April 19, 2017

Didn't realize the link went to Kantega, but I was referring to the premium and basic version of Azure to connect to Atlassian with SAML.

Like
Jeevan Desarda
Jeevan Desarda
Contributor
February 16, 2018

Azure AD has a free app which you can connect to Atlassian Cloud. You can see the step by step instructions from Microsoft are here https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-atlassian-cloud-tutorial

Like
Reply
Reply
0 votes
Payal Baheti1
Payal Baheti
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
December 30, 2014

Is this feature available now ?? Can someone provide an update ?

View More Comments
Jeevan Desarda
Jeevan Desarda
Contributor
February 16, 2018

Microsoft has just released the FREE SAML single sign on plugin for our mutual customers. You can download the plugin from Microsoft Download Center and then use Azure AD JIRA app to connect with it. You can see the complete documentation from here and then use single sign on for it. 

Feel free to write back to us on our alias if you face any issues. 

Thanks.

FREE Plugin : https://www.microsoft.com/en-us/download/details.aspx?id=56506 

Documentation: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-saas-jiramicrosoft-tutorial

Like
Reply
0 votes
Timothy
Timothy
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 26, 2014

Did you try this? https://confluence.atlassian.com/display/JIRA/Connecting+to+an+LDAP+Directory

View More Comments
Vilas Torgal
Vilas Torgal
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 26, 2014

Thanks for the reply Timothy. We tried using the details from the link you mentioned and they are good for connecting with LDAP directory on-premise. However, we could not connect to cloud based Azure AD services. Any help in this regards would be great.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events