Jira Basic Auth

Description

General

• Documentation: https://developer.atlassian.com/cloud/jira/platform/rest/v3/intro/
• Summary: Jira is a ticket management platform. This detector aims to detect personal credentials used to connect to the API or Jira's web application.
• IPs allowlist: This feature is available for premium plans: the documentation can be found here.
• Scopes: Credentials' scopes are those of the user they belong to.

Revoke the secret

The secret can be revoked either by changing the user's password or by deactivating the account.

Check for suspicious activity

Access logs can be configured using this documentation.

Details for Jira Basic Auth

• Family: credentials

• Category: collaboration_tool

• Company: Atlassian

• High recall: False

• Validity check available: False

• Analyzer available: False

• Minimum number of matches: 3

• Occurrences found for one million commits: 0.48

• Prefixed: False

• PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: true
- type: ContentWhitelistPreValidator
  patterns:
    - jira
    - atlassian

Examples

- text: |
    +    public function __construct()
    +    {
    +        $this->creds = new ArrayConfiguration([
    +            'jiraHost' => 'https://triggergg.atlassian.net',
    +            'jiraUser' => 'dbarrette@triggergg.com',
    +            'jiraPassword' => '3ZIKMIeNl1GbIFIa0x6ID2EC1MIJOIeKl1VbFCAb7t1IF4EC',
    +        ]);
    +    }

  client_id: dbarrette@triggergg.com
  client_secret: 3ZIKMIeNl1GbIFIa0x6ID2EC1MIJOIeKl1VbFCAb7t1IF4EC
  host: https://triggergg.atlassian.net

- text: |
    JIRA_USERNAME="staging-admin@hellothere.com"
    JIRA_PASSWORD="stazpngadrgn032"
    JIRA_ENDPOINT="https://support-staging.hellothere.com/jira"
  client_id: staging-admin@hellothere.com
  client_secret: stazpngadrgn032
  host: https://support-staging.hellothere.com