Skip to main content

Prepare Atlassian Jira connector

The Atlassian Jira connector retrieves information about subscriptions, users, and user activity.

Prerequisites

The minimum requirements to connect to the Jira API are an Atlassian user account with the Jira System Administrator or Site Administrator permissions. These permissions will enable the connector to retrieve data on your Jira Software application.

Configure OAuth 2.0 authentication

Follow these steps to configure an OAuth 2.0 integration with Atlassian Jira. You must sign in to the Atlassian Developer console and enable the scopes for the Jira API, as well as retrieve your cloud ID, refresh token, client ID, and client secret.

Initiate an OAuth 2.0 integration and select API scopes

  1. Sign in to Atlassian Developer console: https://developer.atlassian.com/console/myapps/ .

  2. Select Create > OAuth 2.0 integration.

  3. Enter a name for the integration, and then select Create.

  4. On the sidebar menu, select Permissions.

  5. For the Jira API, select Add, and then select Configure.

  6. Select the Granular scopes tab.

  7. Select Edit scopes, and enable the following 13 scopes:

    • read:application-role:jira
    • read:audit-log:jira
    • read:avatar:jira
    • read:group:jira
    • read:license:jira
    • read:issue:jira
    • read:issue-meta:jira
    • read:field:jira
    • read:field-configuration:jira
    • read:issue-details:jira
    • read:user:jira
    • read:user.columns:jira
    • read:jql:jira

  8. Select Save.

Get the cloud ID for your Jira instance

  1. Enter the following URL into your browser, replacing YOUR-SITE with the name of your Jira website: https://YOUR-SITE.atlassian.net/_edge/tenant_info

  2. Copy and save the cloud ID shown on the webpage.

    You will enter this value into Snow Atlas to set up the Jira connector.

Get the refresh token

If you plan to add multiple Jira connectors, you must retrieve a unique refresh token for each instance.

  1. In the Atlassian Developer console, on the sidebar menu, select Authorization.

  2. Select Add.

  3. In the Callback URL field, enter http://localhost.

  4. Select Save changes.

    A Granular Jira API authorization URL will be generated.

  5. Copy the Granular Jira API authorization URL. It will contain the following query parameters:

    https://auth.atlassian.com/authorize?
      audience=api.atlassian.com&
      client_id=YOUR_CLIENT_ID&
      scope=REQUESTED_SCOPE_ONE%20REQUESTED_SCOPE_TWO&
      redirect_uri=https://YOUR_APP_CALLBACK_URL&
      state=YOUR_USER_BOUND_VALUE&
      response_type=code&
      prompt=consent

  6. Replace the parameters in the URL with the values below:

    ParameterValue
    scope=offline_access%20read%3Aapplication-role%3Ajira%20read%3Aaudit-log%3Ajira%20read%3Aavatar%3Ajira%20read%3Agroup%3Ajira%20read%3Alicense%3Ajira%20read%3Aissue%3Ajira%20read%3Aissue-meta%3Ajira%20read%3Afield%3Ajira%20read%3Afield-configuration%3Ajira%20read%3Aissue-details%3Ajira%20read%3Auser%3Ajira%20read%3Auser.columns%3Ajira%20read%3Ajql%3Ajira
    state=Enter a unique and unguessable string. The state parameter is a security feature that mitigates the risk of the authorization flow being hijacked. For more information, see What is the state parameter used for? .

  7. Enter the constructed URL in your browser.

    You will be redirected to an Atlassian webpage requesting authorization.

  8. Select Accept.

    You will be redirected to your Callback URL. This URL will contain the code parameter.

  9. Copy and save the value of the code parameter.

  10. Run the following command in a command line. Use the cURL tool and replace the data parameters with the values listed in the table below.

    tip

    You can also generate the refresh token using Postman, instead of the cURL tool. Every value that is inserted into the URL must be properly encoded.

            curl --request POST \
      --url 'https://auth.atlassian.com/oauth/token' \
      --header 'Content-Type: application/json' \
      --data '{"grant_type": "authorization_code","client_id": "YOUR_CLIENT_ID","client_secret": "YOUR_CLIENT_SECRET","code": "YOUR_AUTHORIZATION_CODE","redirect_uri": "https://YOUR_APP_CALLBACK_URL"}'
    ParameterValue
    YOUR_CLIENT_IDYour client ID. To find your client ID, follow the instructions in Get the client ID and client secret.
    YOUR_CLIENT_SECRETYour client secret. To find your client secret, follow the instructions in Get the client ID and client secret.
    YOUR_AUTHORIZATION_CODEThe value of the code parameter you saved in step 9.
    https://YOUR_APP_CALLBACK_URLlocalhost or whichever Callback URL you entered in step 3.

    The request will return the following:

    HTTP/1.1 200 OK
    Content-Type: application/json

    {
      "access_token": <string>,
      "expires_in": <expiry time of access_token in second>,
      "token_type": "Bearer",
      "refresh_token": <string>,
      "scope": "read:issue-details:jira read:user.columns:jira read:user:jira read:application-role:jira read:avatar:jira read:issue-meta:jira offline_access read:audit-log:jira read:field-configuration:jira read:license:jira"
    }

  11. Copy and save the refresh_token value.

    You will enter this value into Snow Atlas to set up the Jira connector.

Get the client ID and client secret

  1. In the Atlassian Developer console, go to Settings.

  2. Copy and save the Client ID and Client secret values.

    You will enter these values into Snow Atlas to set up the Jira connector.

Account email and API token

To set up an API integration that retrieves information about the number of users assigned to your Atlassian license and the remaining available subscriptions, you must provide your Atlassian account email and generate an API token.

Snow Atlas ensures the security of your account email and API token by encrypting and securely storing the information you enter in SaaS settings. The system retrieves data exclusively regarding the number of users and assigned seats.

  1. Sign in to Atlassian and go to https://id.atlassian.com/manage-profile/security/api-tokens .

  2. Select Create API token.

  3. Enter a name for the token, and then select Create.

  4. Copy and save the API token value.

    You will enter this value into Snow Atlas to set up the Jira connector.

Add Jira connector

note

  • You must set up individual instances for your Jira and Confluence connectors. Atlassian's policy prohibits adding both Jira and Confluence connectors to a single application in SaaS Management.

  • If you plan to add multiple Jira connectors, use the unique name of your Jira website as the connector name in Settings to help differentiate between instances. The connector name displays in the Discovery source column on the SaaS pages.

After completing these tasks, follow the general procedure to Add connectors.

The connector makes API calls to the vendor and retrieves data. For more information, see API calls and Data retrieved by the connector.

Flexera does not own the third party trademarks, software, products, or tools (collectively, the "Third Party Products") referenced herein. Third Party Product updates, including user interface updates, may not be reflected in this content.