Jira Software integration security
Atlassian Cloud Connections
Scope | Required for: |
read:jira-work | Read project list and issue metadata during configuration of the integration. |
write:jira-work | Write action items to Jira. |
read:jira-user | Enable Jira / TeamRetro users to be matched for action item assignments. |
offline_access | Post action items to Jira without requiring re-authentication each time. |
manage:jira-configuration | Access priority search API to align TeamRetro and Jira priority values. |
Application Link Connections
For Jira Software (Data Center) edition we support Oauth authentication via Application Links.
Scope | Required for: |
WRITE | Write action items to Jira (read for project list and issue metadata is implicit). |
Basic Authentication Connections
Not Recommended. For Jira Software (Data Center) and Jira Software (Server) editions we support basic authentication via Jira username/password. As we need to send these across with the API they are stored encrypted but not hashed - so we do recommend creating a separate Jira user for TeamRetro if using this integration method.
Request Origination
Calls to Jira Server / Jira Cloud will originate from our servers in AWS and are proxied via fixed IP addresses:
- US Environment - 44.207.115.152
- EU Environment - 3.74.131.45
Jira APIs Used
Purpose | Data Center & Server editions | Cloud edition |
Get authorized user info, test connectivity | /rest/api/2/myself (GET) | /rest/api/3/myself (GET) |
List projects | /rest/api/2/project (GET) | /rest/api/3/project/search (GET) |
Retrieve project details | /rest/api/2/project/... (GET) | /rest/api/3/project/... (GET) |
Retrieve issue types for selected project | /rest/api/2/issue/createmeta/.../issuetypes (GET) | /rest/api/3/project/...?expand=issueTypes (GET) |
Retrieve field definitions for issue type | /rest/api/2/issue/createmeta/.../issuetypes/... (GET) | /rest/api/3/issue/createmeta (GET) |
Retrieve components for custom fields | /rest/api/2/project/.../components (GET) | /rest/api/3/project/.../components (GET) |
Retrieve users for custom fields | /rest/api/2/user/picker (GET) | /rest/api/3/user/picker (GET) |
Search for assigned user & confirm they are valid for assignment | /rest/api/2/user/search (GET) /rest/api/2/user/assignable/search (GET) |
/rest/api/3/user/assignable/search (GET) |
Retrieve priority options | /rest/api/2/priority (GET) | /rest/api/3/priority (GET) /rest/api/priority/search (GET) |
Publish a Jira Issue | /rest/api/2/issue (POST) | /rest/api/3/issue (POST) |
Delete a published Jira Issue | /rest/api/2/issue/... (DELETE) | /rest/api/3/issue/... (DELETE) |
Search for published Jira Issue (used if two-way synchronization is enabled) | /rest/api/2/search (POST) |
/rest/api/3/search/jql (POST) |