Skip to main content

Atlassian IAM

This Integration is part of the Atlassian IAM Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Note: This integration should be used as part of our IAM premium pack. For further details, visit our IAM pack documentation. For more information, please refer to the Identity Lifecycle Management article. Integrate with Atlassian's services to execute generic ILM management operations such as create, update, delete, etc, for employee lifecycle processes.

Configure Atlassian IAM in Cortex#

ParameterDescriptionRequired
Atlassian URLTrue
Access TokenTrue
Directory IDTrue
Trust any certificate (not secure)False
Use system proxy settingsFalse
create_user_enabledAllow creating users. If set to false, iam-create-user command will be skipped, and user will not be created.False
update_user_enabledAllow updating usersFalse
enable_user_enabledAllow enabling usersFalse
disable_user_enabledAllow disabling usersFalse
Automatically create user if not found in update commandFalse
Incoming MapperIncoming MapperTrue
Outgoing MapperOutgoing MapperTrue
* To allow the integration to access the mapper from within the code, as required by the ILM pack, both mappers have to be configured in their proper respective fields and not in the "Mapper (outgoing)" dropdown list selector.

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

iam-create-user#


Creates a user.

Base Command#

iam-create-user

Input#

Argument NameDescriptionRequired
user-profileUser Profile indicator details.Required
allow-enableWhen set to true, after the command execution the status of the user in the 3rd-party integration will be active. Possible values are: true, false. Default is true.Optional

Context Output#

PathTypeDescription
IAM.Vendor.activeBooleanWhen true, indicates that the employee's status is active in the 3rd-party integration.
IAM.Vendor.brandStringName of the integration.
IAM.Vendor.detailsstringProvides the raw data from the 3rd-party integration.
IAM.Vendor.emailStringThe employee's email address.
IAM.Vendor.errorCodeNumberHTTP error response code.
IAM.Vendor.errorMessageStringReason why the API failed.
IAM.Vendor.idStringThe employee's user ID in the app.
IAM.Vendor.instanceNamestringName of the integration instance.
IAM.Vendor.successBooleanWhen true, indicates that the command was executed successfully.
IAM.Vendor.usernameStringThe employee's username in the app.

Command Example#

!iam-create-user user-profile=`{"emails":[{"value":"testatlas@paloaltonetworks.com","type":"work","primary":"true"}],"is_active": "true", "userName":"testatlas@paloaltonetworks.com"}` using="Atlassian IAM_instance_1"

Context Example#

{
"IAM": {
"UserProfile": {
"emails": [
{
"primary": "true",
"type": "work",
"value": "testatlas@paloaltonetworks.com"
}
],
"is_active": "true",
"userName": "testatlas@paloaltonetworks.com"
},
"Vendor": {
"action": "create",
"active": true,
"brand": "Atlassian IAM",
"details": {
"active": true,
"emails": [
{
"primary": true,
"type": "work",
"value": "testatlas@paloaltonetworks.com"
}
],
"groups": [],
"id": "247b915a-9d6c-4cd5-b5a5-071b1b3abc2e",
"meta": {
"created": "2021-02-16T15:05:41.185473Z",
"lastModified": "2021-02-16T15:05:41.185473Z",
"location": "https://api.atlassian.com/scim/directory/315e79ae-404a-4061-8a88-df91c8c7db34/Users/247b915a-9d6c-4cd5-b5a5-071b1b3abc2e",
"resourceType": "User"
},
"schemas": [
"urn:scim:schemas:extension:atlassian-external:1.0",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"urn:scim:schemas:extension:atlassian-external:1.0": {
"atlassianAccountId": "602bdf457b23f40068547c25"
},
"userName": "testatlas@paloaltonetworks.com"
},
"email": null,
"errorCode": null,
"errorMessage": "",
"id": "247b915a-9d6c-4cd5-b5a5-071b1b3abc2e",
"instanceName": "Atlassian IAM_instance_1",
"reason": "",
"skipped": false,
"success": true,
"username": "testatlas@paloaltonetworks.com"
}
}
}

Human Readable Output#

Create User Results (Atlassian IAM)#

brandinstanceNamesuccessactiveidusernamedetails
Atlassian IAMAtlassian IAM_instance_1truetrue247b915a-9d6c-4cd5-b5a5-071b1b3abc2etestatlas@paloaltonetworks.comschemas: urn:scim:schemas:extension:atlassian-external:1.0,
urn:ietf:params:scim:schemas:core:2.0:User,
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User
userName: testatlas@paloaltonetworks.com
emails: {'value': 'testatlas@paloaltonetworks.com', 'type': 'work', 'primary': True}
meta: {"resourceType": "User", "location": "https://api.atlassian.com/scim/directory/315e79ae-404a-4061-8a88-df91c8c7db34/Users/247b915a-9d6c-4cd5-b5a5-071b1b3abc2e", "lastModified": "2021-02-16T15:05:41.185473Z", "created": "2021-02-16T15:05:41.185473Z"}
groups:
urn:scim:schemas:extension:atlassian-external:1.0: {"atlassianAccountId": "602bdf457b23f40068547c25"}
id: 247b915a-9d6c-4cd5-b5a5-071b1b3abc2e
active: true

iam-update-user#


Updates an existing user with the data passed in the user-profile argument.

Base Command#

iam-update-user

Input#

Argument NameDescriptionRequired
user-profileA User Profile indicator.Required
allow-enableWhen set to true, after the command execution the status of the user in the 3rd-party integration will be active. Possible values are: true, false. Default is true.Optional

Context Output#

PathTypeDescription
IAM.Vendor.activeBooleanWhen true, indicates that the employee's status is active in the 3rd-party integration.
IAM.Vendor.brandStringName of the integration.
IAM.Vendor.detailsstringProvides the raw data from the 3rd-party integration.
IAM.Vendor.emailStringThe employee's email address.
IAM.Vendor.errorCodeNumberHTTP error response code.
IAM.Vendor.errorMessageStringReason why the API failed.
IAM.Vendor.idStringThe employee's user ID in the app.
IAM.Vendor.instanceNamestringName of the integration instance.
IAM.Vendor.successBooleanWhen true, indicates that the command was executed successfully.
IAM.Vendor.usernameStringThe employee's username in the app.

Command Example#

!iam-update-user user-profile=`{"email": "testatlas@paloaltonetworks.com", "username": "testatlas@paloaltonetworks.com", "title": "Manager"}` using="Atlassian IAM_instance_1"

Context Example#

{
"IAM": {
"UserProfile": {
"email": "testatlas@paloaltonetworks.com",
"title": "Manager",
"username": "testatlas@paloaltonetworks.com"
},
"Vendor": {
"action": "update",
"active": true,
"brand": "Atlassian IAM",
"details": {
"active": true,
"emails": [
{
"primary": true,
"type": "work",
"value": "testatlas@paloaltonetworks.com"
}
],
"groups": [],
"id": "247b915a-9d6c-4cd5-b5a5-071b1b3abc2e",
"meta": {
"created": "2021-02-16T15:05:41.185473Z",
"lastModified": "2021-02-16T15:05:41.185473Z",
"location": "https://api.atlassian.com/scim/directory/315e79ae-404a-4061-8a88-df91c8c7db34/Users/247b915a-9d6c-4cd5-b5a5-071b1b3abc2e",
"resourceType": "User"
},
"schemas": [
"urn:scim:schemas:extension:atlassian-external:1.0",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"urn:scim:schemas:extension:atlassian-external:1.0": {
"atlassianAccountId": "602bdf457b23f40068547c25"
},
"userName": "testatlas@paloaltonetworks.com"
},
"email": "testatlas@paloaltonetworks.com",
"errorCode": null,
"errorMessage": "",
"id": "247b915a-9d6c-4cd5-b5a5-071b1b3abc2e",
"instanceName": "Atlassian IAM_instance_1",
"reason": "",
"skipped": false,
"success": true,
"username": "testatlas@paloaltonetworks.com"
}
}
}

Human Readable Output#

Update User Results (Atlassian IAM)#

brandinstanceNamesuccessactiveidusernameemaildetails
Atlassian IAMAtlassian IAM_instance_1truetrue247b915a-9d6c-4cd5-b5a5-071b1b3abc2etestatlas@paloaltonetworks.comtestatlas@paloaltonetworks.comschemas: urn:scim:schemas:extension:atlassian-external:1.0,
urn:ietf:params:scim:schemas:core:2.0:User,
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User
userName: testatlas@paloaltonetworks.com
emails: {'value': 'testatlas@paloaltonetworks.com', 'type': 'work', 'primary': True}
meta: {"resourceType": "User", "location": "https://api.atlassian.com/scim/directory/315e79ae-404a-4061-8a88-df91c8c7db34/Users/247b915a-9d6c-4cd5-b5a5-071b1b3abc2e", "lastModified": "2021-02-16T15:05:41.185473Z", "created": "2021-02-16T15:05:41.185473Z"}
groups:
urn:scim:schemas:extension:atlassian-external:1.0: {"atlassianAccountId": "602bdf457b23f40068547c25"}
id: 247b915a-9d6c-4cd5-b5a5-071b1b3abc2e
active: true

iam-get-user#


Retrieves a single user resource.

Base Command#

iam-get-user

Input#

Argument NameDescriptionRequired
user-profileA User Profile indicator.Required

Context Output#

PathTypeDescription
IAM.Vendor.activeBooleanWhen true, indicates that the employee's status is active in the 3rd-party integration.
IAM.Vendor.brandStringName of the integration.
IAM.Vendor.detailsstringProvides the raw data from the 3rd-party integration.
IAM.Vendor.emailStringThe employee's email address.
IAM.Vendor.errorCodeNumberHTTP error response code.
IAM.Vendor.errorMessageStringReason why the API failed.
IAM.Vendor.idStringThe employee's user ID in the app.
IAM.Vendor.instanceNamestringName of the integration instance.
IAM.Vendor.successBooleanWhen true, indicates that the command was executed successfully.
IAM.Vendor.usernameStringThe employee's username in the app.

Command Example#

!iam-get-user user-profile=`{"email": "test@paloaltonetworks.com", "username": "testDemisto"}` using="Atlassian IAM_instance_1"

Context Example#

{
"IAM": {
"UserProfile": {
"Email": "test@paloaltonetworks.com",
"Title": "Team Lead",
"Username": "testDemisto"
},
"Vendor": {
"action": "get",
"active": null,
"brand": "Atlassian IAM",
"details": {
"emails": [
{
"primary": true,
"type": "work",
"value": "test@paloaltonetworks.com"
}
],
"groups": [],
"id": "550364dd-1c1e-4953-bffc-418fce013c2e",
"meta": {
"created": "2021-02-15T13:26:34.13545Z",
"lastModified": "2021-02-15T17:01:01.876067Z",
"location": "https://api.atlassian.com/scim/directory/315e79ae-404a-4061-8a88-df91c8c7db34/Users/550364dd-1c1e-4953-bffc-418fce013c2e",
"resourceType": "User"
},
"schemas": [
"urn:scim:schemas:extension:atlassian-external:1.0",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"title": "Team Lead",
"urn:scim:schemas:extension:atlassian-external:1.0": {
"atlassianAccountId": "5f3589458d89e30046317d34"
},
"userName": "testDemisto"
},
"email": null,
"errorCode": null,
"errorMessage": "",
"id": "550364dd-1c1e-4953-bffc-418fce013c2e",
"instanceName": "Atlassian IAM_instance_1",
"reason": "",
"skipped": false,
"success": true,
"username": "testDemisto"
}
}
}

Human Readable Output#

Get User Results (Atlassian IAM)#

brandinstanceNamesuccessidusernamedetails
Atlassian IAMAtlassian IAM_instance_1true550364dd-1c1e-4953-bffc-418fce013c2etestDemistoschemas: urn:scim:schemas:extension:atlassian-external:1.0,
urn:ietf:params:scim:schemas:core:2.0:User,
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User
userName: testDemisto
emails: {'value': 'test@paloaltonetworks.com', 'type': 'work', 'primary': True}
title: Team Lead
meta: {"resourceType": "User", "location": "https://api.atlassian.com/scim/directory/315e79ae-404a-4061-8a88-df91c8c7db34/Users/550364dd-1c1e-4953-bffc-418fce013c2e", "lastModified": "2021-02-15T17:01:01.876067Z", "created": "2021-02-15T13:26:34.13545Z"}
groups:
urn:scim:schemas:extension:atlassian-external:1.0: {"atlassianAccountId": "5f3589458d89e30046317d34"}
id: 550364dd-1c1e-4953-bffc-418fce013c2e

iam-disable-user#


Disable an active user.

Base Command#

iam-disable-user

Input#

Argument NameDescriptionRequired
user-profileA User Profile indicator.Required

Context Output#

PathTypeDescription
IAM.Vendor.activeBooleanWhen true, indicates that the employee's status is active in the 3rd-party integration.
IAM.Vendor.brandStringName of the integration.
IAM.Vendor.detailsstringProvides the raw data from the 3rd-party integration.
IAM.Vendor.emailStringThe employee's email address.
IAM.Vendor.errorCodeNumberHTTP error response code.
IAM.Vendor.errorMessageStringReason why the API failed.
IAM.Vendor.idStringThe employee's user ID in the app.
IAM.Vendor.instanceNamestringName of the integration instance.
IAM.Vendor.successBooleanWhen true, indicates that the command was executed successfully.
IAM.Vendor.usernameStringThe employee's username in the app.

Command Example#

!iam-disable-user user-profile=`{"email": "testdemisto@paloaltonetworks.com", "username": "Demisto"}` using="Atlassian IAM_instance_1"

Context Example#

{
"IAM": {
"UserProfile": {
"email": "testdemisto@paloaltonetworks.com",
"username": "Demisto"
},
"Vendor": {
"action": "disable",
"active": null,
"brand": "Atlassian IAM",
"details": null,
"email": "testdemisto@paloaltonetworks.com",
"errorCode": null,
"errorMessage": "",
"id": null,
"instanceName": "Atlassian IAM_instance_1",
"reason": "User does not exist",
"skipped": true,
"success": true,
"username": null
}
}
}

Human Readable Output#

Disable User Results (Atlassian IAM)#

brandinstanceNameskippedreason
Atlassian IAMAtlassian IAM_instance_1trueUser does not exist