Integrate ADManager Plus with Jira Service Management to perform AD actions directly from the tickets raised

How to integrate ADManager Plus with Jira Service Management Cloud to perform AD actions using the tickets raised in the Jira console

Overview

By integrating ADManager Plusa comprehensive IGA solutionwith Jira Service Management Cloud, you'll be able to streamline and resolve identity management request tickets across multiple applications.

For instance, upon ticket creation, ADManager Plus can trigger actionssuch as user provisioning, modifications, deprovisioning, etc.in AD and other applications, along with updating the ticket status. This seamless integration enhances efficiency, ensuring that IT support actions are synchronized and expedited, ultimately leading to improved productivity and smoother workflows.

In this article, you will learn how to integrate ADManager Plus with Jira Service Management Cloud and the actions that can be performed after this integration.

How to integrate ADManager Plus with Jira Service Management Cloud 

ADManager Plus offers flexible endpoint configuration options to configure APIs that interact and exchange data with the Jira Service Management Cloud application. This setup entails configuring the necessary APIs for specific actions according to the Jira Service Management Cloud app's documentation.

The inbound and outbound webhooks help data transfer between Jira Service Management Cloud and ADManager Plus. ADManager Plus can be integrated with Jira Service Management Cloud by performing the following steps:

  1. Authorization configuration

Configure the authorization method to authorize API requests.

  1. Inbound webhook configuration

Configure endpoints to fetch a list of tickets from Jira Service Management Cloud.

  1. Outbound webhook configuration

Configure an API to sync data between ADManager Plus and Jira Service Management Cloud or to perform a task in Jira Service Management Cloud.

Prerequisites

  1. To perform AD management actions from the tickets raised in the Jira Service Management console, you need a Jira ticket form that has customized fields to process the required action.

For example: A separate ticket form for user creation requests which has specific fields like givenName, firstName, employeeID, etc.

If you don't have Jira tickets setup already, refer to the help page links given below to create custom service issue forms, create custom fields, or generate API tokens in Jira Service Management Cloud.

  1. This integration uses Basic authorization to authorize API requests using your Jira Service Management Cloud username and API token.

  2. To configure the APIs, the cloud ID and instance URL are required.

  3. The minimum privileges required for a user account in Jira are as follows:

  • Users need to have either an admin account or service account in their Jira Service Management Cloud instance.

  • If they have a service account, the Service Desk Team role must be assigned to that account.

  • To verify this:

      • Log in to your Jira instance using the service account.

      • Check whether you can view the tickets from a particular project. If you are not able to do so, contact your administrator team for more information on your account privileges.

 

  1. Grant ADManager Plus the capability to read tickets, ensuring efficient access of relevant ticket information.

  • Navigate to Jira API documentation > Profile > Developer console.

  • Select My apps and choose ADManager Plus.

  • From the left pane, choose Permissions.

  • Click Configure next to Jira API.

  • Select Edit Scopes, check the box for read:jira-work, and then click Save.

  • Go to the Granular scopes tab and click Edit Scopes.

  • Search for the read:issue-details:jira and read:issue:jira scopes, check the box next to each of the scopes, and then click Save.

Authorization configuration

  1. Log in to ADManager Plus and navigate to the Automation tab.

  2. In the left pane, under Configuration, click Application Integrations.

  3. Under Enterprise Applications, click the Jira Service Management Cloud tile.

  4. Toggle the Enable Jira Service Management Cloud Integration button on.

  5. In the Jira Service Management Cloud Configuration page, click Authorization.

  6. Jira Service Management Cloud uses Basic Authentication to authorize API requests.

  7. Provide the email ID used to login to your Jira instance as Username and API token as Password.

  8. Click Configure.

Inbound webhook configuration

Inbound webhook enables you to fetch issue data from Jira Service Management Cloud to ADManager Plus. The pre-configured API allows you to import all the ticket information from your Jira instance. However, if you would like to selectively import Jira tickets, you can either modify the pre-configured endpoint, configure a new endpoint as per Jira's API references, or use Advanced Filters in automation. The attribute mapping configured in this section can be selected as the data source while configuring automation. To configure an inbound webhook for Jira Service Management Cloud:

  1. Under Inbound Webhook, click Jira Service Management Cloud Endpoint Configuration.

  2. In the Endpoint Configuration tab, an endpoint (Jira Software ISSUES ENDPOINT) comes pre-configured with Endpoint URL, API Method, Headers, and Parameters fields to fetch Jira tickets. If you would like to use this pre-configured endpoint, replace {cloudiD} with the cloud ID of your Jira Service Management instance in the Endpoint URL field. However, if you would like to use a new endpoint to import tickets of different categories, you can configure one using the + Add API endpoint button and filling in the required fields as per Jira Service Management Cloud's API references. Click here to learn how to configure a new endpoint.

  • JQL parameter can be modified to filter the tickets based on status, type, or other details.

  • Enter % to get a list of macro suggestions or click the % icon present at the end of fields to view all the macros and use them to configure the fields.

  1. In the Settings tab, the Repeat Calling This Endpoint option has been enabled by default to repeatedly call the API until you get all the required data. The Repeat Call Configuration has been pre-configured to increase the startAT parameter value by 50 (this means it will fetch 50 tickets in each API endpoint call). 

  2. In the Repeat Call Criteria field, the condition has been pre-configured to repeat the API call until the response has no issues.

  1. Once done, click Test & Save. A response window will display all the requested parameters that can be fetched using the API call. Click Proceed.

  1. Click + Add New Configuration and perform the following:

    • Enter the Configuration Name and Description, and select the Automation Category from the drop-down menu.

    • In the Select Endpoint field, select the desired endpoint and a Primary Key that is unique to a user (e.g. employeeIdenifier).

    • In the Attribute Mapping field, select the attribute from the LDAP Attribute Name drop-down menu and map it with the respective column in your Jira Service Management Cloud instance.

  2. Click Save.


Information: If you want to update the changes made in AD using ADManager Plus to your Jira Service Management Cloud instance, set up the outbound webhook configuration as given in the following section.

Outbound webhook configuration

Outbound webhooks enable you to create, update, and close your Jira Service Management Cloud tickets from ADManager Plus. The webhooks configured in this section can be included in Orchestration Templates, which in turn can be used during event-driven and scheduled automations.

Prerequisite

The issue ID fetched from Jira Service Management Cloud must be mapped with the respective user in AD to perform any management actions on the Jira tickets using ADManager Plus' outbound webhooks.

You can use the existing outbound webhooks to update the tickets, or if you wish to include more actions, you can add more API endpoints by following the steps provided below:

  1. Under Outbound Webhook, click Jira Service Management Cloud Webhook Configuration.

  2. Click + Add Webhook.

  3. Enter a name and description for this webhook.

  4. Refer to Jira Service Management Cloud's API references and decide on the action that has to be performed and the headers, parameters, and other requirements that will be needed.

  5. Select the HTTP method that will enable you to perform the desired action on the endpoint from the drop-down menu.

  6. Enter the endpoint URL.

  7. Configure the Headers, Parameters, and Message Type in the appropriate format based on the API call that you would like to perform.

  8. Click Test and Save. A pop-up window will then display a list of users and groups.

  9. Select the desired Jira users and groups over which this API request has to be tested and click OK. This will make a real-time call to the endpoint URL, and the selected objects' values will be updated in your Jira Service Management Cloud instance.

  10. A pop-up window will then display the webhook response and request details. Verify them for the expected API behavior and click Save.

 Actions that can be automated in ADManager Plus   

Upon integration, administrators can configure automations to carry out the desired tasks. These automations can be monitored and controlled by implementing multi-level business workflows, which ensure that they are reviewed and approved before execution. The following are some sample actions that can be automated:

  • Create user accounts

  • Add users to groups

  • Modify user attributes

  • Remove users from groups

  • Modify user accounts by template

  • Create mailbox

  • Reset passwords

  • Disable or delete mailbox

  • Unlock user accounts

  • Move Home Folder

  • Enable user accounts

  • Delete Home Folder

  • Disable user accounts

  • Revoke Microsoft 365 licenses

  • Delete user accounts

  • Manage users' photos

  • Run custom scripts

  • Disable Lync accounts

  • Move users across groups

  • Configure auto-reply settings

This list is not exhaustive, and to get a list of all the actions that can be automated by selecting Jira Service Management as the data source, click here



                    New to ADSelfService Plus?