Jira Software Integration Security

Atlassian Cloud Connections

TeamRetro uses OAuth 2.0 authorization to integrate with Jira Software (Cloud) instances. The integration requires four access scopes:
  • read:jira-work - Read project list and issue metadata during configuration of the integration.
  • write:jira-work - Write action items to Jira.
  • read:jira-user - Enable Jira / TeamRetro users to be matched for action item assignments.
  • offline_access - Allow TeamRetro to post action items to Jira without requiring re-authentication each time.
Further information on these access scopes can be found at https://developer.atlassian.com/cloud/jira/platform/scopes/


Basic Authentication Connections

For Jira Software (Data Center) and Jira Software (Server) editions we support basic authentication via Jira username/password. Because these credentials must be sent with each API request, they are stored encrypted but not hashed, so we recommend creating a separate Jira user for TeamRetro. We are evaluating support for Application Links in the future.


Request Origination

Should you wish to whitelist incoming API calls from TeamRetro, requests will originate from our servers in AWS and are proxied via the following static IP addresses (provided by QuotaGuard). 
  • US Environment - 52.54.159.237 and 52.73.143.252
  • EU Environment - 18.200.77.86 and 99.81.30.178


Jira APIs Used

In order to send action items through to Jira, we retrieve a list of projects, issue types and field definitions for the selected issue types to allow the administrator to select the target issue location in Jira, populate required values and select default values.
  • Get authorized user info, test connectivity - Data Center/Server: /rest/api/2/myself (GET); Cloud: /rest/api/3/myself (GET)
  • List projects - Data Center/Server: /rest/api/2/project (GET); Cloud: /rest/api/3/project/search (GET)
  • Retrieve project details - Data Center/Server: /rest/api/2/project/... (GET); Cloud: /rest/api/3/project/... (GET)
  • Retrieve issue types for selected project - Data Center/Server: /rest/api/2/issue/createmeta/.../issuetypes (GET); Cloud: /rest/api/3/project/...?expand=issueTypes (GET)
  • Retrieve field definitions for issue type - Data Center/Server: /rest/api/2/issue/createmeta/.../issuetypes/... (GET); Cloud: /rest/api/3/issue/createmeta (GET)
  • Retrieve components for custom fields - Data Center/Server: /rest/api/2/project/.../components (GET); Cloud: /rest/api/3/project/.../components (GET)
  • Retrieve users for custom fields - Data Center/Server: /rest/api/2/user/picker (GET); Cloud: /rest/api/3/user/picker (GET)
  • Search for assigned user - Data Center/Server: /rest/api/2/user/assignable/search (GET); Cloud: /rest/api/3/user/assignable/search (GET)
  • Retrieve priority options - Data Center/Server: /rest/api/2/priority (GET); Cloud: /rest/api/3/priority (GET)
  • Publish a Jira Issue - Data Center/Server: /rest/api/2/issue (POST); Cloud: /rest/api/3/issue (POST)
  • Delete a published Jira Issue - Data Center/Server: /rest/api/2/issue/... (DELETE); Cloud: /rest/api/3/issue/... (DELETE)


We do not read any other issues / data.
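
The source addresses under Request Origination and the endpoint list under Jira APIs Used together describe what TeamRetro traffic should look like, and that profile can be checked against your own logs. The Python script below is an added example, not TeamRetro code. It assumes a log already reduced to source IP, method and /rest/api/... request target (for instance from a reverse proxy in front of Jira Data Center), treats each "..." in the documented paths as exactly one path segment, and uses constructed sample lines.

```python
import re

# Source IPs and endpoints as listed on this page. "..." in a path is treated
# as exactly one path segment (assumption about the elided keys/IDs).
SOURCE_IPS = {"US": {"52.54.159.237", "52.73.143.252"},
              "EU": {"18.200.77.86", "99.81.30.178"}}
ENDPOINTS = [  # (method, API versions, path under /rest/api/<version>/)
    ("GET", "23", "myself"),
    ("GET", "2", "project"),
    ("GET", "3", "project/search"),
    ("GET", "23", "project/..."),
    ("GET", "2", "issue/createmeta/.../issuetypes"),
    ("GET", "2", "issue/createmeta/.../issuetypes/..."),
    ("GET", "3", "issue/createmeta"),
    ("GET", "23", "project/.../components"),
    ("GET", "23", "user/picker"),
    ("GET", "23", "user/assignable/search"),
    ("GET", "23", "priority"),
    ("POST", "23", "issue"),
    ("DELETE", "23", "issue/..."),
]
ALLOWED = [(m, re.compile("^/rest/api/[%s]/%s$" % (
    v, re.escape(p).replace(re.escape("..."), "[^/]+")))) for m, v, p in ENDPOINTS]

def audit(lines, env):
    """Return (line, reason) for each request outside the documented profile."""
    findings = []
    for line in lines:
        ip, method, target = line.split()
        path = target.split("?", 1)[0]  # query string is not part of the match
        if ip not in SOURCE_IPS[env]:
            findings.append((line, "unexpected source IP"))
        elif not any(m == method and rx.match(path) for m, rx in ALLOWED):
            findings.append((line, "undocumented endpoint"))
    return findings

# Constructed sample log lines: "<source ip> <method> <request target>"
SAMPLE = [
    "52.54.159.237 GET /rest/api/2/myself",
    "52.73.143.252 GET /rest/api/2/issue/createmeta/10001/issuetypes",
    "52.54.159.237 GET /rest/api/3/project/10001?expand=issueTypes",
    "52.54.159.237 POST /rest/api/2/issue",
    "52.54.159.237 GET /rest/api/2/search?jql=project=SEC",
    "203.0.113.9 POST /rest/api/2/issue",
    "52.54.159.237 PUT /rest/api/2/issue/10002",
]

if __name__ == "__main__":
    for line, reason in audit(SAMPLE, "US"):
        print(reason + ": " + line)
```

Feed it only the requests made by the dedicated TeamRetro Jira user, so that every finding is either a use of those credentials from another address or a call outside the documented list.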
