- Home
- Workflow for Jira
- Set Up the Access Governance Automation App for Jira with Okta
How to Set Up the Access Governance Automation App for Jira with Okta
Welcome to the Access Governance Automation app for Jira — your go-to solution for automating access requests and approvals across enterprise systems.
This step-by-step guide will walk you through setting up the app with Okta, helping your organization streamline access provisioning, reduce manual effort, and ensure compliance — all within Jira Service Management (JSM).
App Overview
The Access Governance Automation app for Jira is an advanced solution built on Jira Service Management (JSM) to simplify and automate access request workflows across your organization.
Instead of relying on manual request and approval steps, the app enables:
- End users to submit access requests through the JSM portal.
- Automated routing of approval workflows based on predefined rules.
- Instant provisioning actions once approvals are complete.
By automating these processes, the Access Governance Automation app for Jira ensures secure, policy-driven, and audit-ready access management across your tech ecosystem.
Try it for free
Pre-requisites
Before you begin, make sure you have the following:
- Admin access to Jira Service Management (JSM): Required to configure workflows, custom fields, and automation rules.
- Admin access to Okta portal: Needed to authorize integrations and manage access provisioning.
- Access Governance Automation app for Jira: Ensure the app is installed from the Atlassian Marketplace and properly licensed via miniOrange.
1: Retrieve Okta API Credentials
To connect Okta with the Access Governance Automation app for Jira, you’ll first need to generate an API token and retrieve your Okta domain.
Follow these steps:
- Log in to your Okta Admin Console.
- Navigate to: Security → API → Tokens.
-
Click Create Token.
- Enter a name (e.g., Access Governance Token).
- Copy and securely store the generated token — you won’t be able to see it again.
-
From the Okta dashboard, copy your Okta Domain URL.
Format: https://your-domain.okta.com.
2: Connect Okta to the Access Governance Automation App for Jira
Now that you have your Okta API credentials, it's time to integrate Okta with the Access Governance Automation app for Jira.
Steps to Integrate:
- Open App Connections from the sidebar.
- Click Connect new app and choose Okta.
-
Fill credentials for Okta:
- Application Name: A human-friendly label (e.g., "Company Okta").
- Application URL: Your Okta org URL (e.g., https://acme.okta.com).
- API Token: Create in Okta Admin — Security — API — Tokens.
- Click Save, then click Test Connection to verify that the integration is successful.
Tip: Use a dedicated service account for API tokens and rotate them periodically.
3: Portal Config — Set Project, Request Type, Fields, Statuses for Access Requests
Configure the Jira project, request type, fields, and status names used by access workflows. Complete this before creating automations.
- Jira Service Management Project: Select the JSM project used for access requests.
- Request Type: Select the request type within the chosen JSM project. This determines which custom fields are available.
- Access Level Field: In the selected JSM project and its request type, create a new custom field of type Select list (single choice). Then select that field here. It will store values like "App Label – L1".
- Approver Field: From the request type’s fields, choose a user/assignee field to hold the approver.
- Status: Map Approved and Denied status names used by your Jira workflows.
- Click Save Settings.
Access Level options are added to your Jira field when you save a workflow. On app rename, related options are removed and recreated automatically to reflect the new app name.
4: Define Access Rules for Okta
Once your Okta integration is connected, the next step is to define access rules within the Access Governance Automation app for Jira. These rules determine who gets access, what level, and who approves it.
How to Create Access Rules:
- Go to Workflow Automations and click Create New Automation.
- Workflow: Enter a clear name and a short description.
-
Access Request:
- Select Application.
- Enter an Access Level (e.g., L1, L2). When you save the workflow, the system will create the corresponding option in your configured Access Level Jira field, formatted as "App Label – Access Level".
- Choose an Approver (licensed, active user). The system stores the user’s accountId and sets it on the Jira issue in the Approver field you selected in Portal Config, when the selected workflow runs for the request.
- Enter the Access Group to be granted. This group must already exist in the connected application; otherwise the workflow will not run successfully.
- Review and click Save.
After saving, the Access Level option is created automatically if it doesn’t already exist.
5: Review Audit Logs for Compliance and Troubleshooting
Use Audit Logs to search, review, and export activity for troubleshooting and compliance.
- Open Audit Logs.
- Apply filters (Category, Initiator, Date/Range).
- Click Search to view results; use pagination to browse.
- Click Export to download CSV/JSON/PDF.
Best Practices for Admins
Maximize the efficiency, security, and compliance of your access management workflows by following these recommended best practices:
- Use service accounts for provider tokens; rotate them regularly.
- Keep Portal Config consistent (fields and status names) across projects.
- Always test connections after credential changes.
- Name workflows clearly (e.g., "Okta – HR L1").
- Review Audit Logs periodically and export for audits.
