Enable Self-Service access to Azure AD resources in Jira Service Management
Managing access to all the applications employees need is an important function for organizations. You want to grant employees the right level of access they need to be productive.
Using Multiplier, your internal users can request applications via the JSM portal. You can configure whether approvals are needed, and automatically provision upon approval.
1. Connect Multiplier to your Azure AD account by following these instructions.
2. Enable the application catalog in Multiplier's configuration.
3. To display a list of apps on the Jira Service Management portal, you will need to associate the app catalog with a Request Type. If you do not want to use an existing request type, then go to Project Settings > Request types and click Add new request type.
4. To provision apps immediately after they're requested, keep the require approval setting disabled. Otherwise, switching it on will display the default approval behavior when apps are requested, which can be further customized for each individual app.
5. If enabling approvals, you'll need to map the workflow status that a request transitions to once approval has been granted. This is how Multiplier determines whether approval has taken place so it can go ahead and carry out provisioning.
6. Select the field the issue uses for populating approvers (this is typically the Approvers field).
7. Select the default approver – this can either be the application owner, the requestor's manager or a Jira user of your choice.
8. Lastly, select the status Multiplier should transition the issue to once the app has been provisioned. If provisioning fails for some reason, this step will not be carried out.
Populating the App catalog
Multiplier will automatically discover apps once connected to Azure AD. You can view this list by clicking on Apps > Multiplier in the Jira top nav.
By default, all apps appear with an 'Unassigned' status. To make apps requestable and appear on the JSM portal, they will need to have an 'Approved' status.
Apps that have multiple identity groups mapped to them can be configured with different entitlements to let users select which type of access they're asking for. These access levels can then be mapped to different identity groups.
Once you've completed the set up process, the apps will appear on your JSM request type: