Versions Compared

Old Version 2

changes.mady.by.user Yuriy Shpek

Saved on

compared with

New Version Current

changes.mady.by.user Yuriy Shpek

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

2.
Anchor
Setup
Setup
Plugin Setup

2.1. Quick setup

Here, as As an overview, we will show how you can quickly create a new SCIM configuration and get the parameters to configure your IDP connection.

...

Let's look at the configuration options in more detail. Please navigate to the New Configuration tab again. Here we specify the parameters for creating a new configuration, which determine whether a new Jira internal directory will be created, the authentication method, the method for deactivating users and the ability to assign users to groups by default when a new user is registered.

  1. User Directory - by default you can select any Jira internal 'User Directory' or create a new one for user provisioning (Create new user directory option).

  2. Directory Name - specify the name of the directory to be created.

  3. Username that will be used for BASIC Auth - optional parameter. The name of an existing Jira user if you select the HTTP Basic authentication access control method. By default, if no username is specified, the OAuth2 Bearer Token (which acts as the authentication of the API request) method will be used.

  4. Delete users - If you select 'Yes' users will be completely deleted from Jira on delete operation. If you select 'No' users will be only disabled.

  5. Default Group(s) - a comma-separated list of groups that users will be added to when they are created through the provisioning process.

  6. Application Group(s) - there are three Jira applications: Jira Core, Jira Software and Jira Service Desk. Each of these applications allows users to create and use specific project types. Determine which applications the user will be associated with by default.

The created configurations are displayed on the General tab:

...

To set up a connection on the SСIM client/IDP side, you will need to specify the OAuth2 Bearer Token or Basic Auth (username and password) and the real URL corresponding to the value of the SCIM v2/v1 field.

3.
Anchor
Features
Features
Plugin Features

3.1. Utils for Existing Users/Directories

The plugin's internal logic of working with data is based on the automatic building of mapping for existing app users, groups and memberships with bindings to the corresponding directories. Mappings are stored in so-called SСIM tables. During the plugin regular operation, synchronization of SСIM tables is performed automatically. But, sometimes, you need manually sync data. For example, when you just installed a plugin, and you need perform an initial synchronization with users, groups, memberships and directories of the application. This operation does not affect the application data but only supplements the information in the SСIM tables with missing data.

Navigate to Utils for Existing Users/Directories tab.

  1. Build mapping for existing users, groups and memberships section.

  • Sync Users & Groups button (optional) - synchronize local users and groups for SCIM API. Initiates asynchronous execution of a background synchronization task on the server. As a result, SCIM tables data about users and groups will match application data.

  • Show statistics… - expand the block of information with the statistics of the last synchronization. During the execution of the background synchronization task, the information updates dynamically.

...

  1. Remove/Reset Users Data section.

  • User Directory drop-down menu - select a directory for further actions.

  • Remove Directory button - all users and groups of the selected directory in the application and SСIM tables will be deleted. Be careful, this operation is irreversible.

  • Clear All datа from SCIM Tables button - all users and groups of the selected directory in the SСIM tables will be deleted. However, if you then perform Sync Users & Groups, the data will be restored using information from the app. Note that the users and groups IDs will be changed (regenerated) in SCIM tables.

3.2. SCIM Customization

Navigate to SCIM Customization tab, Users last login info section.

Here you can enable the mode of displaying information about the user’s last login in responses to Get /Users requests. Information will be represented in the meta.lastLogin attribute and also according to User Enterprise Schema Extension (One Identity version).

...

Sync Users last login info button - is intended for initial synchronization the users last login info between the application data and the SCIM table. Further synchronization is performed automatically.

...

4.
Anchor
HealthCheck
HealthCheck
Plugin Health Check

...