Skip to main content

Prepare Atlassian Jira connector

note

This connector is currently available in beta.

The Atlassian Jira connector retrieves information about subscriptions, users, and user activity.

Prerequisites

The minimum requirements to connect to the Jira API are an Atlassian user account with the Jira System Administrator or Site Administrator permissions. These permissions will enable the connector to retrieve data on your Jira Software application.

To enable the connector to retrieve data on all of your Jira applications, the user account must have the Organization Administrator and Application Administrator permissions.

Configure OAuth 2.0 authentication

Follow these steps to configure an OAuth 2.0 integration with Atlassian Jira. You must sign in to the Atlassian Developer console and enable the scopes for the Jira API, as well as retrieve your cloud ID, refresh token, client ID, and client secret.

Initiate an OAuth 2.0 integration and select API scopes

  1. Sign in to Atlassian Developer console: https://developer.atlassian.com/console/myapps/ .

  2. Select Create > OAuth 2.0 integration.

  3. Enter a name for the integration, and then select Create.

  4. On the sidebar menu, select Permissions.

  5. Select Add for the User identity API and the Jira API.

  6. For the user identity API, select Configure.

  7. Select Edit Scopes, and enable the following scopes:

    • read:me
    • read:account

  8. Select Save.

  9. Go back to Permissions.

  10. For the Jira API, select Configure.

  11. Select the Granular scopes tab.

  12. Select Edit scopes, and enable the following 13 scopes:

    • read:application-role:jira
    • read:audit-log:jira
    • read:avatar:jira
    • read:group:jira
    • read:license:jira
    • read:issue:jira
    • read:issue-meta:jira
    • read:field:jira
    • read:field-configuration:jira
    • read:issue-details:jira
    • read:user:jira
    • read:user.columns:jira
    • read:jql:jira

  13. Select Save.

Get the cloud ID for your Jira instance

  1. Enter the following URL into your browser, replacing YOUR-SITE with the name of your Jira website: https://YOUR-SITE.atlassian.net/_edge/tenant_info

  2. Copy and save the cloud ID shown on the webpage.

    You will enter this value into Snow Atlas to set up the Jira connector.

Get the refresh token

If you plan to add multiple Jira connectors, you must retrieve a unique refresh token for each instance.

  1. In the Atlassian Developer console, on the sidebar menu, select Authorization.

  2. Select Add.

  3. In the Callback URL field, enter http://localhost.

  4. Select Save changes.

    Two URLs will be generated: User identity API authorization URL and Granular Jira API authorization URL.

  5. Copy the Granular Jira API authorization URL. It will contain the following query parameters:

    https://auth.atlassian.com/authorize?
      audience=api.atlassian.com&
      client_id=YOUR_CLIENT_ID&
      scope=REQUESTED_SCOPE_ONE%20REQUESTED_SCOPE_TWO&
      redirect_uri=https://YOUR_APP_CALLBACK_URL&
      state=YOUR_USER_BOUND_VALUE&
      response_type=code&
      prompt=consent

  6. Replace the parameters in the URL with the values below:

    ParameterValue
    client_id=The client ID should be auto-populated in the authorization URL. To find your client ID, follow the instructions in Get the client ID and client secret.
    scope=offline_access%20read%3Aapplication-role%3Ajira%20read%3Aaudit-log%3Ajira%20read%3Aavatar%3Ajira%20read%3Agroup%3Ajira%20read%3Alicense%3Ajira%20read%3Aissue%3Ajira%20read%3Aissue-meta%3Ajira%20read%3Afield%3Ajira%20read%3Afield-configuration%3Ajira%20read%3Aissue-details%3Ajira%20read%3Auser%3Ajira%20read%3Auser.columns%3Ajira%20read%3Ajql%3Ajira
    redirect_uri=https://localhost, or whichever Callback URL you entered in step 3.
    state=Enter a unique and unguessable string. The state parameter is a security feature that mitigates the risk of the authorization flow being hijacked. For more information, see What is the state parameter used for? .

  7. Enter the constructed URL in your browser.

    You will be redirected to an Atlassian webpage requesting authorization.

  8. Select Accept.

    You will be redirected to your Callback URL. This URL will contain the code parameter.

  9. Copy and save the value of the code parameter.

  10. Run the following command in a command line. Use the cURL tool and replace the data parameters with the values listed in the table below.

            curl --request POST \
      --url 'https://auth.atlassian.com/oauth/token' \
      --header 'Content-Type: application/json' \
      --data '{"grant_type": "authorization_code","client_id": "YOUR_CLIENT_ID","client_secret": "YOUR_CLIENT_SECRET","code": "YOUR_AUTHORIZATION_CODE","redirect_uri": "https://YOUR_APP_CALLBACK_URL"}'
    ParameterValue
    YOUR_CLIENT_IDYour client ID. To find your client ID, follow the instructions in Get the client ID and client secret.
    YOUR_CLIENT_SECRETYour client secret. To find your client secret, follow the instructions in Get the client ID and client secret.
    YOUR_AUTHORIZATION_CODEThe value of the code parameter you saved in step 9.
    https://YOUR_APP_CALLBACK_URLlocalhost or whichever Callback URL you entered in step 3.

    The request will return the following:

    HTTP/1.1 200 OK
    Content-Type: application/json

    {
      "access_token": <string>,
      "expires_in": <expiry time of access_token in second>,
      "token_type": "Bearer",
      "refresh_token": <string>,
      "scope": "read:issue-details:jira read:user.columns:jira read:user:jira read:application-role:jira read:avatar:jira read:issue-meta:jira offline_access read:audit-log:jira read:field-configuration:jira read:license:jira"
    }

  11. Copy and save the refresh_token value.

    You will enter this value into Snow Atlas to set up the Jira connector.

Get the client ID and client secret

  1. In the Atlassian Developer console, go to Settings.

  2. Copy and save the Client ID and Client secret values.

    You will enter these values into Snow Atlas to set up the Jira connector.

Configure basic authentication

Basic authentication will enable your connector to retrieve data on the number of users assigned to your Atlassian license and the number of available subscriptions remaining. To configure an API integration using basic authentication, you are required to retrieve your Atlassian account email and generate an API token.

note
  • Snow Atlas encrypts and stores the Account email and API token values you enter when adding the connector in SaaS settings.

  1. Sign in to Atlassian and go to https://id.atlassian.com/manage-profile/security/api-tokens .

  2. Select Create API token.

  3. Enter a name for the token, and then select Create.

  4. Copy and save the API token value.

    You will enter this value into Snow Atlas to set up the Jira connector.

Add Jira connector

After completing these tasks, follow the general procedure to Add connectors.

tip

If you plan to add multiple Jira connectors, use the unique name of your Jira website as the connector name in Settings to help differentiate between instances. The connector name displays in the Discovery source column on the SaaS pages.

The connector makes API calls to the vendor and retrieves data. For more information, see API calls and Data retrieved by the connector.

Flexera does not own the third party trademarks, software, products, or tools (collectively, the "Third Party Products") referenced herein. Third Party Product updates, including user interface updates, may not be reflected in this content.