This add-on (plugin) provides SCIM server functionality with multiple IDP support that allows securely automate the exchange of user identity data between your IDPs and Atlassian Jira according to the SCIM specification v.2 or v.1.1. Thus, this gives you the ability to easily synchronize your user and group accounts from different IDPs such as OneLogin, OKTA, Azure, etc.
Table of contents
1. Plugin Installation
Log into your Jira instance as an admin.
Click the admin dropdown and choose Atlassian Marketplace. The Manage apps screen loads.
Click Find new apps or Find new add-ons from the left-hand side of the page.
Locate SCIM User Provisioning for Jira via search. The appropriate app version appears in the search results.
Click Free Trial to begin a new trial or Buy now to purchase a license for SCIM User Provisioning for Jira. You're prompted to log into MyAtlassian. SCIM User Provisioning for Jira begins to download.
Enter your information and click Generate license when redirected to MyAtlassian.
Click Apply license. If you're using an older version of UPM, you can copy and paste the license into your Jira instance.
2. Plugin Setup
3. Plugin Features
4. Plugin Health Check
Plugin health check can be performed by sending requests in accordance with the SCIM API spec. Let's consider examples of sending a GET request to the /Users endpoint (SCIM 2.0) in several ways.
4.1. Windows PowerShell
Hit the Windows+R to open the Run dialog box and type PowerShell in the text box. You may either hit "OK" or "Enter" to launch a regular PowerShell window. Copy the following code into PowerShell, after specifying your values for the $token and $url parameters:
$url="https://jiratest.luxplugins.com:2990/jira/rest/user-provisioning/1.0/scim/v2/Users"
$token="xxxxxxxxxxxxxxxxxxxxxxxxxxx"
$headers = @{
"Accept"="application/json"
"Authorization"="Bearer $token"
}
Invoke-RestMethod -Method Get -Uri $url -Headers $headers | ConvertTo-Json
Press Enter and analyze the result, for example:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 0,
"startIndex": 0,
"Resources": [
]
}
This is the correct response (no users in Directory yet). You can also direct the output to a file with an additional option on the command line as shown below:
Invoke-RestMethod -Method Get -Uri $url -Headers $headers | ConvertTo-Json | Out-File -FilePath .\response.txt
4.2. cURL
The curl utility can be used on various operating systems. Let's take Linux Ubuntu as an example. If curl is not already installed in your Linux system:
sudo apt update
sudo apt install curl
curl --version
Sending a request, Linux (with beautifying response JSON):
curl -X GET https://jiratest.luxplugins.com:2990/jira/rest/user-provisioning/1.0/scim/v2/Users
-H "Accept: application/json"
-H "Authorization: Bearer xxxxxxxxxxxxxxxxxxxx" | json_pp
Sending a request, Windows:
curl -X GET https://jiratest.luxplugins.com:2990/jira/rest/user-provisioning/1.0/scim/v2/Users
-H "Accept: application/json"
-H "Authorization: Bearer xxxxxxxxxxxxxxxxxxxx"
4.3. PostMan
Postman is an API platform for building, using and testing APIs. With a rich GUI, Postman simplifies your work. Let's see how we can create our request.
You can create a new request from a workspace, by using New > HTTP, or by selecting + to open a new tab.
Select Save to create your request. You can give your request a name and description, and choose or create a collection to save it in. Once your new tab is open, you can specify the details you need for your request:
Save your OAuth Bearer Token:
Click Send Button. Analyze the response:
5. Troubleshooting
5.1. Add logging for a plugin package (temporarly)
Sometimes our support team may ask you to enable some additional logging when troubleshooting a specific problem. You need System Administrator global permissions to do this.
To set the logging level for a new class or package:
Go to Administration > System.
Select Logging and profiling in the left-hand menu.
Scroll down to the Default loggers section.
Select Configure logging level for another package. This will let you enter the names of packages.
Enter the following name of package:
com.luxplugins.jira.plugin
Check the setting. Click Ctrl+F and enter luxplugins, then click Enter. Check the logging level of found record:
Upon completion of the collection of information, return the old value of the logging level WARN.
Note that any changes you make here are not persisted across server restarts. You will need to edit 'WEB-INF/classes/log4j.properties' to change levels permanently.