Use a Jira Service Management admin account with Assets available.
Setup guide
How to Use Entra ID Sync
Connect Microsoft Entra ID to Jira Service Management Assets in three focused steps: create the Assets schema, enter your customer-managed Microsoft app credentials, then preview or run the sync.
Use an Entra role that can create app registrations and grant admin consent.
The client secret is stored in Atlassian Forge Secret Store.
How it works
One calm flow from Atlassian users to enriched Assets records.
Start with Atlassian accounts
The app reads active Atlassian users and uses their email addresses as the matching key. That keeps the sync anchored to the people who actually exist in your Jira site.
Enrich from Microsoft Graph
For each matched email, the app calls Microsoft Graph and pulls the directory details your teams care about: display name, mail, user principal name, department, job title, account status, and manager information.
Write clean Assets records
The app creates or updates Employee records in Jira Service Management Assets, links them back to Atlassian accounts, marks active status, and keeps manager context available for service workflows.
Three easy steps
From empty Assets schema to synced directory records.
1
Create the Assets schema
Click Create Schema in the app.
The app creates a Jira Service Management Assets schema named Entra Directory with schema key ENTRA. It also prepares the managed Employee object type and the attributes needed for sync, including Entra User ID, full name, email, job title, Atlassian account ID, Jira user, active status, department, manager, and manager Atlassian account ID.
If another schema already uses the ENTRA key, rename or remove that schema before initializing this app.
2
Connect Microsoft Entra ID
Enter your tenant ID, client ID, client secret, and sync frequency.
In the app registration overview, copy the Directory (tenant) ID into Tenant ID and the Application (client) ID into Client ID. Then create a client secret under Certificates & secrets and paste the secret value into Client Secret.
Set Scheduled Sync Every to a whole number from 1 to 100 days. The app runs a daily scheduler and only performs the scheduled sync when your configured cadence is due.
3
Preview, run, and review
Generate a preview or run a manual sync.
Use Generate Preview to see the expected creates, updates, inactivations, unmatched Atlassian accounts, missing manager links, and warnings before writing to Assets. Use Run Manual Sync when you are ready to apply the changes immediately.
After sync, the directory appears in Jira Service Management Assets under the Entra Directory schema. The app dashboard shows the last manual sync, last scheduled sync, current run status, and recent run history.
Microsoft setup
Create the Entra app registration credentials and permissions.
1. Register or open an Entra app
In the Microsoft Entra admin center, go to Identity, then Applications, then App registrations. Create a new registration for this integration or open an existing customer-managed app.
2. Copy the IDs
From the app overview page, copy Application (client) ID and Directory (tenant) ID. These are the Client ID and Tenant ID values used by Auroright Entra ID Sync.
3. Create a client secret
Open Certificates & secrets, create a new client secret, and copy the secret Value immediately. Microsoft only shows the secret value once after creation.
4. Add Microsoft Graph permission
Open API permissions, add Microsoft Graph Application permissions, select User.Read.All, then grant admin consent for the tenant.