Prepare Atlassian Jira connector

The Atlassian Jira connector retrieves information about subscriptions, users, and user activity.

To set up this connector, you must first retrieve the cloud ID for your Jira site. Then proceed with one of the following authentication options:

Authenticate using an API token with scopes (recommended): If you opt for this, select Token with scopes (Recommended) as the authentication method when you add the connector.
Authenticate with OAuth 2.0: If you opt for this, select OAuth as the authentication method when you add the connector.

Prerequisites

The minimum requirements to connect to the Jira API are an Atlassian user account with the Jira System Administrator or Site Administrator permissions. These permissions will enable the connector to retrieve data on your Jira Software application.

Get the cloud ID for your Jira site

Enter the following URL into your browser, replacing YOUR-SITE with the name of your Jira website: https://YOUR-SITE.atlassian.net/_edge/tenant_info
Copy and save the cloud ID shown on the webpage.

You will enter this value into Snow Atlas to set up the Jira connector.

Authenticate using an API token with scopes

Follow these steps to generate an API token with the scopes required for the Atlassian Jira connector.

Sign in to Atlassian and go to https://id.atlassian.com/manage-profile/security/api-tokens .
Select Create API token with scopes.
Enter a name for the token and the expiration date, and then select Next.
Select the Jira app and click Next.
Enable these scopes:
- read:application-role:jira
- read:audit-log:jira
- read:avatar:jira
- read:group:jira
- read:license:jira
- read:issue:jira
- read:issue-meta:jira
- read:field:jira
- read:field-configuration:jira
- read:issue-details:jira
- read:user:jira
- read:user.columns:jira
- read:jql:jira
Select Next.
Review your changes, and then select Create token.
Copy and save the API token value.

You will enter this value into Snow Atlas to set up the Jira connector.

Authenticate with OAuth 2.0

Follow these steps to configure an OAuth 2.0 integration with Atlassian Jira.

Initiate an OAuth 2.0 integration and select API scopes

Sign in to Atlassian Developer console: https://developer.atlassian.com/console/myapps/ .
Select Create > OAuth 2.0 integration.
Enter a name for the integration, and then select Create.
On the sidebar menu, select Permissions.
For the Jira API, select Add, and then select Configure.
Select the Granular scopes tab.
Select Edit scopes, and enable the following 13 scopes:
- read:application-role:jira
- read:audit-log:jira
- read:avatar:jira
- read:group:jira
- read:license:jira
- read:issue:jira
- read:issue-meta:jira
- read:field:jira
- read:field-configuration:jira
- read:issue-details:jira
- read:user:jira
- read:user.columns:jira
- read:jql:jira
Select Save.

Get the refresh token

If you plan to add multiple Jira connectors, you must retrieve a unique refresh token for each instance.

In the Atlassian Developer console, on the sidebar menu, select Authorization.
Select Add.
In the Callback URL field, enter http://localhost.
Select Save changes.

A Granular Jira API authorization URL will be generated.

Copy the Granular Jira API authorization URL. It will contain the following query parameters:

https://auth.atlassian.com/authorize?
  audience=api.atlassian.com&
  client_id=YOUR_CLIENT_ID&
  scope=REQUESTED_SCOPE_ONE%20REQUESTED_SCOPE_TWO&
  redirect_uri=https://YOUR_APP_CALLBACK_URL&
  state=YOUR_USER_BOUND_VALUE&
  response_type=code&
  prompt=consent

Replace the parameters in the URL with the values below:

Parameter	Value
`scope=`	`offline_access%20read%3Aapplication-role%3Ajira%20read%3Aaudit-log%3Ajira%20read%3Aavatar%3Ajira%20read%3Agroup%3Ajira%20read%3Alicense%3Ajira%20read%3Aissue%3Ajira%20read%3Aissue-meta%3Ajira%20read%3Afield%3Ajira%20read%3Afield-configuration%3Ajira%20read%3Aissue-details%3Ajira%20read%3Auser%3Ajira%20read%3Auser.columns%3Ajira%20read%3Ajql%3Ajira&`
`state=`	Enter a unique and unguessable string. The state parameter is a security feature that mitigates the risk of the authorization flow being hijacked. For more information, see What is the state parameter used for? .

Enter the constructed URL in your browser.

You will be redirected to an Atlassian webpage requesting authorization.
Select Accept.

You will be redirected to your Callback URL. This URL will contain the code parameter.
Copy and save the value of the code parameter.

Run the following command in a command line. Use the cURL tool and replace the data parameters with the values listed in the table below.

tip

You can also generate the refresh token using Postman, instead of the cURL tool. Every value that is inserted into the URL must be properly encoded.

        curl --request POST \
  --url 'https://auth.atlassian.com/oauth/token' \
  --header 'Content-Type: application/json' \
  --data '{"grant_type": "authorization_code","client_id": "YOUR_CLIENT_ID","client_secret": "YOUR_CLIENT_SECRET","code": "YOUR_AUTHORIZATION_CODE","redirect_uri": "https://YOUR_APP_CALLBACK_URL"}'

Parameter	Value
`YOUR_CLIENT_ID`	Your client ID. To find your client ID, follow the instructions in Get the client ID and client secret.
`YOUR_CLIENT_SECRET`	Your client secret. To find your client secret, follow the instructions in Get the client ID and client secret.
`YOUR_AUTHORIZATION_CODE`	The value of the `code` parameter you saved in step 9.
`https://YOUR_APP_CALLBACK_URL`	`localhost` or whichever Callback URL you entered in step 3.

The request will return the following:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "access_token": <string>,
  "expires_in": <expiry time of access_token in second>,
  "token_type": "Bearer",
  "refresh_token": <string>,
  "scope": "read:issue-details:jira read:user.columns:jira read:user:jira read:application-role:jira read:avatar:jira read:issue-meta:jira offline_access read:audit-log:jira read:field-configuration:jira read:license:jira"
}

Copy and save the refresh_token value.

You will enter this value into Snow Atlas to set up the Jira connector.

Get the client ID and client secret

In the Atlassian Developer console, go to Settings.
Copy and save the Client ID and Client secret values.

You will enter these values into Snow Atlas to set up the Jira connector.

Add Jira connector

note

You must set up individual instances for your Jira and Confluence connectors. Atlassian's policy prohibits adding both Jira and Confluence connectors to a single application in SaaS Management.
If you plan to add multiple Jira connectors, use the unique name of your Jira website as the connector name in Settings to help differentiate between instances. The connector name displays in the Discovery source column on the SaaS pages.

After completing these tasks, follow the general procedure to Add connectors. When adding the connector, you are prompted to select an Authentication method depending on your chosen method. Select Token with scopes (Recommended) if you followed the instructions to Authenticate using an API token with scopes; select OAuth if you followed the instructions to Authenticate with OAuth 2.0.

The connector makes API calls to the vendor and retrieves data. For more information, see API calls and Data retrieved by the connector.

Flexera does not own the third party trademarks, software, products, or tools (collectively, the "Third Party Products") referenced herein. Third Party Product updates, including user interface updates, may not be reflected in this content.

Prerequisites​

Get the cloud ID for your Jira site​

Authenticate using an API token with scopes​

Authenticate with OAuth 2.0​

Initiate an OAuth 2.0 integration and select API scopes​

Get the refresh token​

Get the client ID and client secret​

Add Jira connector​