How to Set Up Identity Governance, Auditing & Access Control via JSM with Entra ID (Azure AD)

Welcome to the setup guide for the Identity Governance, Auditing & Access Control via JSM, your go-to solution for streamlining and automating access requests using Jira Service Management (JSM) and Microsoft Entra ID (formerly Azure AD).

This step-by-step guide will help you:

  • Integrate Entra ID with the app
  • Automate access approvals and provisioning
  • Improve visibility, compliance, and control over access management

By the end of this guide, you’ll have a secure, rule-based workflow in place for handling access requests across your organization, directly from your Jira portal.

App Overview

The Identity Governance, Auditing & Access Control via JSM is an advanced solution built on Jira Service Management (JSM) to simplify and automate access request workflows across your organization.

Instead of relying on manual request and approval steps, the app enables:

  • End users to submit access requests through the JSM portal.
  • Automated routing of approval workflows based on predefined rules.
  • Instant provisioning actions once approvals are complete.

By automating these processes, the Identity Governance, Auditing & Access Control via JSM ensures secure, policy-driven, and audit-ready access management across your tech ecosystem.

Pre-requisites

Before you begin, make sure you have the following:

  • Admin access to Jira Service Management (JSM): Required to configure workflows, custom fields, and automation rules.
  • Admin access to Entra ID (Azure AD) portal: Needed to authorize integrations and manage access provisioning.

1: Register an App in Entra ID(Azure AD)

To begin the integration, register a new app in Microsoft Entra ID (formerly Azure AD):

  • Log in to your Azure Portal.
  • Navigate to Azure Active DirectoryApp registrations.
  • Azure Portal with App registrations options highlighted
  • Click New Registration and fill the following details:
    1. Name: Provide Name for new application, for eg, miniOrange Access Automation App
    2. Redirect URL: Leave blank or enter dummy if required
    3. App registrations form inside the Azure Portal
    4. App registrations form inside the Azure Portal
  • After registration, go to the App Overview page and copy the Client ID and Tenant ID.
  • App overview section that lists all essential details such as Client ID and Tenant ID
  • Under Certificates & SecretsClient secrets, click New client secret.
  • Add a description and expiration period.
  • Copy the secret value and keep it on your person (you won’t be able to view it again later).
  • The Certificates & secrets tab inside the miniOrange Access Automation app
  • Navigate to API Permissions and click Add a permission
  • Select Microsoft GraphApplication permissions.
  • Add:
    1. User.ReadWrite.All
    2. Group.ReadWrite.All
     The API permissions tab inside the miniOrange Access Automation app
  • Click Grant admin consent to apply these permissions.

2: Integrate Entra ID with the Identity Governance, Auditing & Access Control via JSM App

Navigate to App Connections from the sidebar

Open the Identity Governance, Auditing & Access Control via JSM app and navigate to App Connections from the sidebar. Click + Add Integration and select Entra ID from the list. Enter the following details in the Connect Entra ID panel:

Enter the connection details for Entra ID
  • Connection Name: A friendly name to identify this Entra ID connection for other admins (e.g., "My Entra ID").
  • Client ID: The Application (Client) ID from Azure Portal → Azure Active Directory → App registrations → [Your App] → Overview.
  • Application Token/Secret: The Client Secret Value from Azure Portal → App registrations → [Your App] → Certificates & secrets → New client secret.
  • Directory (tenant) ID: The Directory (Tenant) ID from Azure Portal → Azure Active Directory → Overview → Tenant information.
  • Application Admin: Select a licensed Atlassian user who will manage this connection.
Note: This connection is used for identity read & access governance only. Credentials are encrypted in transit and at rest, and are only used for sync and governance operations.

Once all fields are filled in, click Connect Entra ID to save the integration.

Configure Automation Rules for Entra ID

Now that Entra ID is connected, configure automation rules to define how access requests are routed, approved, and provisioned in Entra ID. Follow the guides below to set up each rule type:

Did this page help you?

miniOrange Atlassian Contact Us

Book a Free Consultation with
Our Experts Today!

Schedule a call now!


Contact Us