We are actually looking to cover a solution from our Jira platform.
We are using Azure AD identity management for handling application catalog access.
Our goal is to automate the process of creating/adding a user into Azure AD from a Service Request issue in the Jira Service Desk portal.
For example:
1 - A user submits a request from Jira Service Desk in order to have access to the Confluence and RunDeck applications.
2 - The process should automatically add the user to the proper group in AD, which will then have access to the application.
Does anyone have a solution for how to approach this use case?
Regards
Inbound Provisioning from Atlassian Jira to Azure AD is currently not supported. You can, however, voice your interest in such a feature or support similar ones in the Azure AD Feedback Forum.
Also, you can use the Graph API to automate user creation. Once a service request is complete, you can invoke the API for user creation from within Jira.
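An added example, not part of the original answer: one way to turn a completed service request into the Microsoft Graph "add group member" calls, with the requested applications checked against an allow-list so a request can only ever map to pre-approved groups. The request fields (`status`, `user_object_id`, `applications`), the group GUIDs and the sample request are constructed placeholders; acquiring the access token is not shown.

```python
import json
import re
import urllib.request

GRAPH = "https://graph.microsoft.com/v1.0"

# Constructed allow-list: application name -> Azure AD group object id (placeholder GUIDs).
APP_GROUPS = {
    "confluence": "00000000-0000-0000-0000-000000000001",
    "rundeck": "00000000-0000-0000-0000-000000000002",
}
GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")


def plan_group_adds(request):
    """Validate a service request and return the Graph calls it maps to."""
    if request.get("status") != "Done":  # hypothetical field: only completed requests
        raise PermissionError("service request is not complete")
    user_id = request["user_object_id"]
    if not GUID.match(user_id):  # never interpolate free text into the URL or body
        raise ValueError("user_object_id is not a GUID")
    calls = []
    for app in request["applications"]:
        group_id = APP_GROUPS.get(app.strip().lower())
        if group_id is None:  # fail closed on anything outside the allow-list
            raise ValueError(f"application not in allow-list: {app!r}")
        calls.append({
            "method": "POST",
            "url": f"{GRAPH}/groups/{group_id}/members/$ref",
            "body": {"@odata.id": f"{GRAPH}/directoryObjects/{user_id}"},
        })
    return calls


def send(call, access_token):
    """Send one planned call; the token needs GroupMember.ReadWrite.All."""
    req = urllib.request.Request(
        call["url"], data=json.dumps(call["body"]).encode(), method=call["method"],
        headers={"Authorization": f"Bearer {access_token}",
                 "Content-Type": "application/json"})
    with urllib.request.urlopen(req) as resp:
        return resp.status  # Graph answers 204 No Content on success


# Constructed sample request, shaped as a Jira automation step might hand it over.
SAMPLE = {"status": "Done",
          "user_object_id": "11111111-2222-3333-4444-555555555555",
          "applications": ["Confluence", "RunDeck"]}
```

Keeping the planning step separate from `send` lets the mapping be reviewed or logged before any directory change is made.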
Related
This is more of an 'Is this possible' question. A developer on the team suggested using Azure AD for user management, but one of the requirements is that the app admin be able to add/manage user access through the application without having to go to the Azure Portal.
So the question is, is the Graph API (or some other mechanism) full featured enough to replace the portal (at least for basic user set up and management) and allow all actions to be done from the application UI?
Thanks.
Simple answer to your question is Yes. Graph API can be used to manage users and their access to applications instead of using Azure Portal. In fact, Azure Portal itself makes use of Graph API to perform these operations.
You may also need to use the Azure REST API if you're planning on managing Azure resources as well through this custom application, especially the Authorization APIs if you want to manage access to Azure resources (Azure role-based access control) through your application.
How can I change the option of SCIM provisioning from automatic to manual in Azure?
It is enabled only when there is no automatic Azure AD provision connector available.
Manual provisioning means there is no automatic Azure AD provisioning
connector for the app yet. User accounts must be created manually, for
example by adding users directly into the app's administrative portal,
or uploading a spreadsheet with user account detail. Consult the
documentation provided by the app, or contact the app developer to
determine what mechanisms are available.
I have a requirement to automate renewal of all the soon-to-be-expiring Azure resource PIM roles, but it seems there is no PowerShell module available at this moment for PIM.
I also tried exploring the REST API option, but it appears that there is no REST endpoint available. I found Graph API endpoints which seem to support this feature, but as per the Microsoft documentation it doesn't support access via service principal, so I am not sure how to proceed further on this.
Did anyone try this before, any suggestion?
In the Azure portal, I wanted to create multiple user accounts and then track those user accounts for data usage in the Azure API Management service. I am able to create the user accounts, but in order to know how much data is used by those users for a particular API, how can I get those metrics?
API Management has 2 portals and 2 types of users. The Azure Portal is used for API Managers (think users who publish APIs, operations, manage policy, etc.). The Developer Portal is used by developers who are using your API (think customers). In order to use an API, the user/customer has to register with the Developer Portal and get a Subscription to a given API and the associated key. So you have to authenticate them.
The Developer Portal supports different authentication mechanisms including Azure AD. So if you plan to use Azure AD for your authentication for both portals you will need to configure it accordingly. https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-aad
FWIW, by default the Developer Portal provides form-based authentication for developers.
Metrics-wise, once a developer is registered you will be able to report on their activity through API Management.
Is there any API or class that helps the user programmatically pull the details of hosted services in Azure if the user keys in a subscription ID?
I could do the above with references you guys referred.
Is there any possibility to get subscription details like the subscription name using the Windows Azure APIs?
You would need both subscription id and the management certificate from the user. Once you have these two things, you could use Windows Azure Service Management REST API: http://msdn.microsoft.com/en-us/library/windowsazure/ee460799.aspx to get details about the hosted services.
Have a look at the Service Management REST API.
For security reasons, it's not going to be as easy as entering a subscription ID, though.