RectifAI
Back to site

Entra Sync

Entra Sync — Setup Guide

Step-by-step setup guide for the Entra ID & Intune Sync Atlassian Marketplace app.

Entra Sync — Setup Guide

This guide walks you through the complete setup from Marketplace installation to your first successful sync.

Prerequisites

  • An Atlassian Cloud site with Jira Service Management and Assets enabled
  • An Azure subscription with Entra ID (formerly Azure Active Directory)
  • Global Administrator or Application Administrator rights in Entra ID to create an App Registration
  • Jira Administrator rights on your Atlassian site

Step 1 — Install from the Marketplace

  1. Visit the Atlassian Marketplace listing
  2. Click Get it now and select your Jira Cloud site
  3. Complete the installation. The app appears in your Jira Apps menu as Entra Sync

Step 2 — Create an Entra App Registration

  1. Open the Azure Portal and navigate to Entra ID → App registrations
  2. Click New registration
  3. Name it something recognisable (e.g. Atlassian Assets Sync)
  4. Set Supported account types to Accounts in this organizational directory only
  5. Click Register
  6. Copy the Application (client) ID and Directory (tenant) ID — you'll need these shortly

Step 3 — Add API permissions

In your App Registration, navigate to API permissions → Add a permission → Microsoft Graph → Application permissions and add:

Application.Read.All
Device.Read.All
Group.Read.All
User.Read.All

After adding all four, click Grant admin consent and confirm.

All permissions are read-only. The app never writes to Entra ID or Intune.

Step 4 — Create a client secret

  1. In your App Registration, go to Certificates & secrets → Client secrets → New client secret
  2. Set an expiry (24 months is typical)
  3. Click Add and immediately copy the Value — it won't be shown again

Step 5 — Configure the app in Jira

  1. In Jira, open Apps → Entra Sync → Settings
  2. Enter your Tenant ID, Client ID, and Client Secret
  3. Select the Assets workspace and object schema to sync into
  4. Choose a sync interval (hourly, every 6 hours, or daily)
  5. Toggle Enable sync on
  6. Click Save

Step 6 — Run your first sync

Click Sync now to trigger an immediate sync. The first sync may take a few minutes depending on the size of your directory. Progress is shown in the Sync logs panel.

Once complete, navigate to Assets in Jira — you'll find your Entra users, groups, and Intune devices populated as objects.

Troubleshooting

ErrorLikely cause
401 UnauthorizedClient secret has expired or was entered incorrectly
403 ForbiddenAdmin consent was not granted for one or more permissions
No devices syncedIntune is not licenced or Device.Read.All consent is missing
Schema errorThe selected object schema has conflicting type names — use a dedicated schema