Finding managers of users and setting them as approvers automatically

There may be many occasions that as a Jira Administrator, you may need to find the managers of users and set them as approvers automatically. One example use case could be as follows:

Use Case:
As an IT Administrator, I would like to receive “System Access Requests” in my queue after they are approved by the manager of the employee (requestor).

In such a case, you can leverage the data you have in your existing Azure AD, Workday, or other data sources. There are multiple ways to achieve this solution. You can find 2 of them below.

Instructions

Option 1:

Leverage Jira Automation capabilities.

Install Azure AD Importer for JSM Assets from the marketplace.
Watch the demo.
Configure and import your organizational data (i.e. Users and Managers)
Set the scheduling for automated replication.
Create an automation rule for your project or projects depending on your use case.

Automation Component	Configuration	Explanation

Automation Component	Configuration	Explanation
		Select the trigger for Issue created.
		Add a control step and filter the request types or issue types that you would like to run the rule. For example: Request Access Badge, Request admin access, Request system access and software ….
		Search for the requestor’s record (aka object) in the database (namely Assets object schema). Select the Azure AD object schema. Add the AQL (Assets Query Language) to find the user which matches the email address of the requestor. `objecttype = Users and "E-mail Address" = "{{issue.reporter.emailAddress}}"`
		Make sure that you found only one record. You can compare the smart value: `{{lookupObjects.size}}`
		Using the Jira Rest API get the details of the user by providing the email address. Send a web request to Jira API using the URL: `https://your-site-name.atlassian.net/rest/api/2/user/search?query={{lookupObjects.Manager."E-mail Address"}}` The hidden part in the `Authorization` header needs to be in a format like: `Basic Y29udGFwgpxwaW8uc29mdHdhcyyyyWxNZmh4SVdUeFU1YWtwSHJDljI5xxxx` Please note that your Email Address and API Token need to be Base64 encoded as explained in the following document. https://developer.atlassian.com/cloud/jira/platform/basic-auth-for-rest-apis/#supply-basic-auth-headers
		Make sure that you found only one record in the API response. `{{webResponse.body.size}}`
		Set the Approver field using a Smart Value which uses the data coming from the API response. `{{webResponse.body.accountId}}`

We recommend using the “Log Action” component between the steps above to see if you have mapped the fields properly and the data is flowing as expected. This will save time while you are troubleshooting your rule.

Option 2:

Exteded the Azure AD data model and leverage Jira Automation capabilities.

Install Azure AD Importer for JSM Assets from the marketplace.
Watch the demo.
Configure and import your organizational data (i.e. Users and Managers)
Set the scheduling for automated replication.
Map your Azure AD users and Jira Users automatically by following the guide: Mapping Azure AD Users with Jira Users and Jira Groups
Create an automation rule for your project or projects depending on your use case.

Automation Component	Configuration	Explanation

Automation Component	Configuration	Explanation
		Select the trigger for Issue created.
		Add a control step and filter the request types or issue types that you would like to run the rule. For example: Request Access Badge, Request admin access, Request system access and software ….
		Search for the requestor’s record (aka object) in the database (namely Assets object schema). Select the Azure AD object schema. Add the AQL (Assets Query Language) to find the user which maches the email address of the requestor.
		Make sure that you found only one record.
		Set the Approver field using a Smart Value of the Jira User which uses the data coming from the lookup response.