Integrate a new Jira Cloud source
Historical scanning is now available in Beta. Check out Scanning your JIRA Cloud History for more information.
All detectors are supported, with the exception of these 2 generic detectors, in order to limit the risk of false positives:
Setting up and configuring this integration is limited to users with an Owner or Manager access level. Jira Cloud site installation is only open to workspaces under the Business plan. However, you can install and test secret detection in Jira Cloud with a 30-day trial. Any secret incidents detected during the trial will remain accessible in your incident dashboard.
GitGuardian integrates natively with Jira Cloud via a Jira Cloud app that you can install on your Jira Cloud sites. Note that the GitGuardian Jira Cloud app only has read access to your projects.
Setup your Jira Cloud integration
You can install GitGuardian on multiple Jira Cloud sites to monitor your projects.
- Make sure you're logged in the Jira Cloud site you want to install
- In the GitGuardian platform, navigate to the Sources integration page
- Click Install next to Jira Cloud in the Ticketing section
- Click Install on the Jira Cloud integration page
- Select the Jira Cloud site you want to add
- Click Accept to grant the permissions requested by GitGuardian
That's it! Our GitGuardian app is now automatically invited on all your projects. It will now start monitoring all issues of your projects for secrets.
Setup Jira Cloud for self-hosted GitGuardian
We recommend using dedicated workers for Jira Cloud. For more detailed information on scaling and configuration, please visit our scaling page.
If you are using a self-hosted GitGuardian instance, you must first configure a dedicated Jira Cloud App so that you own the entire data stream. This will ensure that your Jira Cloud App is created with all the appropriate rights.
1. Create a Jira Cloud app
- Navigate to the Jira Cloud integration page
- Click Configure Jira Cloud app
As a Jira Cloud administrator
- Click Create Jira Cloud app (Alternatively, if you're not a GitGuardian Manager, you can access the Atlassian developer console directly)
- Type the name of your new Jira Cloud app:
GitGuardian
- Agree to Atlassian's developer terms by checking: I agree to be bound by Atlassian's developer terms.
- Click Create
- Go to the Permissions page
- Click Add next to the Jira API line
- Click Configure next to the Jira API line
- In the Classic scopes tab, click Edit Scopes in the Jira platform REST API section
- Select the following classic scopes:
read:jira-work
manage:jira-configuration
read:jira-user
write:jira-work
manage:jira-webhook
- Click Save
- In the Granular scopes tab, click Edit Scopes
- Select the following granular scopes:
read:application-role:jira
read:avatar:jira
read:project.avatar:jira
read:group:jira
read:issue:jira
read:issue-meta:jira
read:attachment:jira
read:comment:jira
read:comment.property:jira
read:field:jira
read:field.default-value:jira
read:field.option:jira
read:field-configuration:jira
read:issue.property:jira
read:issue-details:jira
read:issue-type:jira
read:issue-field-values:jira
read:issue-security-level:jira
read:issue-type-hierarchy:jira
read:issue.changelog:jira
read:issue.vote:jira
read:issue-event:jira
read:user:jira
read:project:jira
read:project-category:jira
read:project.component:jira
read:project.property:jira
read:project-role:jira
read:project-version:jira
read:project.feature:jira
read:webhook:jira
write:webhook:jira
delete:webhook:jira
read:status:jira
read:jql:jira
read:project-type:jira
read:project.email:jira
read:epic:jira-software
- Click Save
- Go to the Authorization page
- Click Add next to the OAuth 2.0 (3LO) line
- Enter the callback URL based on your GitGuardian self-hosted instance URL:
https://<gitguardian.acme.com>/api/v1/jira-cloud/app/install_callback/
- Click Save changes
- Go to the Overview page
- Get your App details (
App ID
) (alternatively, you can find and copy it more easily from the URL)
- Go to the Settings page
- Get your Authentication details (
Client ID
,Secret
)
That's it! Your Jira Cloud app has been created and you can now declare your Jira Cloud app in the GitGuardian Platform.
Alternatively, if you are not a GitGuardian Manager, you can now return the Jira Cloud app credentials to your requester in the secure way of your choice (App ID
, Client ID
, Secret
).
All these permissions are defined for the creation of your Jira Cloud app. This Jira Cloud app can be used for any type of Jira Cloud integration (secret detection, issue tracking). When installing a Jira Cloud site for a specific integration, only a subset of your Jira Cloud app's permissions will be requested. GitGuardian requires only the minimum number of permissions per integration.
As a non Jira Cloud administrator
If you don't have the right to create a Jira Cloud app, please ask your Jira Cloud administrator to do it for you. You can easily forward a request with this procedure:
- Click the Send a request to a Jira administrator link to easily forward your request
- They should in turn provide you with the Jira Cloud app credentials to proceed with the rest of the configuration.