Skip to main content

Jira Basic Auth

Description#

General#

  • Documentation: https://developer.atlassian.com/cloud/jira/platform/rest/v3/intro/
  • Summary: Jira is a ticket management platform. This detector aims to detect personal credentials used to connect to the API or Jira's web application.
  • IPs allowlist: This feature is available for premium plans: the documentation can be found here.
  • Scopes: Credentials' scopes are those of the user they belong to.

Revoke the secret#

The secret can be revoked either by changing the user's password or by deactivating the account.

Check for suspicious activity#

Access logs can be configured using this documentation.

Details for Jira basic auth#

  • Category: Collaboration tool

  • Company: Atlassian

  • High recall: False

  • Validity check available: False

  • Minimum number of matches: 3

  • Occurrences found for one million commits: 0.48

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:  - ^(cs|x|p|s|r)?html5?~?$  - ^[aps]?cssc?~?$  - ^lock$  - ^mdx?~?$  - ^storyboard(c|er)?~?$  - ^xib$  banlist_filenames: []  check_binaries: false- type: ContentWhitelistPreValidator  patterns:  - jira  - atlassian

Examples#

- text: >    +    public function __construct()    +    {    +        $this->creds = new ArrayConfiguration([    +            'jiraHost' => 'https://triggergg.atlassian.net',    +            'jiraUser' => 'dbarrette@triggergg.com',    +            'jiraPassword' => '6ZIHOIeNl1GbNFIb7h6ID4EC6ZIHOIeNl1GbNFIb7h6ID4EC',    +        ]);    +    }
  client_id: dbarrette@triggergg.com  client_secret: 6ZIHOIeNl1GbNFIb7h6ID4EC6ZIHOIeNl1GbNFIb7h6ID4EC  host: https://triggergg.atlassian.net
- text: >    JIRA_USERNAME="staging-admin@hellothere.com"    JIRA_PASSWORD="stagingadmin132"    JIRA_ENDPOINT="https://support-staging.hellothere.com/jira"  client_id: staging-admin@hellothere.com  client_secret: stagingadmin132  host: https://support-staging.hellothere.com