...

In the Metadata step, paste the Directory (tenant) ID from the clipboard into Tenant ID. The IDP Discovery URL is generated from the default URL and the tenant ID. Custom URLs can also be inserted here.

...

5. Scopes

These are the scopes we were able to fetch from the metadata. You can add scope values from the list, start typing to add your own, or deselect them. A minimum of one scope value is required.

...

In this step, you need to insert client credentials from Entra ID. Paste the Application (client) ID and the Client secret value you copied from Entra ID into the respective fields.

...

Paste the Application (client) ID and the Client secret value you copied from Entra ID in the previous step into the respective fields.

...

7. Token configuration

You might want to configure additional claims for the ID tokens sent from Entra ID. If you want to test the default setup, simply skip this step.
One claim that might not be included by default in your tenant is the email claim, which is a required attribute for creating a user in Jira with just-in-time user provisioning. To add the email claim, navigate to Token Configuration in your App Registration > Add Optional Claim. Select ID, and check the email claim checkbox:

...
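To confirm that the optional claim actually reaches the ID token before relying on just-in-time provisioning, you can inspect a token captured from a test login. The following is an added example, not part of the Kantega SSO product or this guide; the function names and the sample tokens are constructed, and it assumes the Entra ID `tid` claim carries the Directory (tenant) ID entered in the Metadata step.

```python
import base64
import json


def b64url(data: bytes) -> str:
    """Base64url-encode without padding, as used in compact JWTs."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_payload(id_token: str) -> dict:
    """Return the claims of a JWT WITHOUT verifying the signature.

    Diagnostics only: never use unverified claims to authenticate a user.
    """
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT: expected header.payload.signature")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(padded))


def provisioning_problems(id_token: str, expected_tenant_id: str) -> list:
    """List the reasons this token would not fit the setup described above."""
    claims = decode_payload(id_token)
    problems = []
    if claims.get("tid") != expected_tenant_id:
        problems.append("tid does not match the configured tenant ID")
    email = claims.get("email")
    if not isinstance(email, str) or "@" not in email:
        problems.append("email claim missing: add it under Token Configuration")
    return problems


def make_sample_token(claims: dict) -> str:
    """Build a constructed, unsigned sample token for offline testing."""
    header = b64url(json.dumps({"alg": "RS256", "typ": "JWT"}).encode())
    return f"{header}.{b64url(json.dumps(claims).encode())}.constructed-signature"


# Constructed sample data (placeholder tenant ID and user).
TENANT = "00000000-0000-0000-0000-000000000000"
TOKEN_DEFAULT = make_sample_token({"tid": TENANT, "sub": "abc", "name": "Test User"})
TOKEN_WITH_EMAIL = make_sample_token(
    {"tid": TENANT, "sub": "abc", "name": "Test User", "email": "test.user@example.com"}
)

if __name__ == "__main__":
    for label, token in (("default", TOKEN_DEFAULT), ("with email", TOKEN_WITH_EMAIL)):
        print(label, provisioning_problems(token, TENANT) or "ready for JIT provisioning")
```
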

During the first login on an App Registration, you will be prompted to give consent for the integrated Atlassian application to read user data. If your organization requires admin consent for logins, your Azure AD administrator will have to consent on behalf of the organization, under App Registrations > your app > API permissions:

...

Optional: Get group claims for user

Follow this guide to get group claims for the user in the OIDC login:

https://kantega-sso.atlassian.net/wiki/x/K4FCEg

Optional: Get sAMAccountName from OIDC login

...