Connect to a Jira Account

JFrog Security Documentation

Products
JFrog Xray
Content Type
User Guide
ft:sourceType
Paligo

Connect Jira to Xray through the Xray interface using one of the supported authentication methods. Navigate to Administration > Xray > Settings > Integration

JFrog Cloud New Interface (Beta)

On the taskbar, click 176260854.png (Platform Configurations), and select Xray Settings > Integrations. To learn more, click here.JFrog Platform New UI (Beta) Quick Start Guide

Xray supports three authentication methods:

  • OAuth1

  • OAuth2

  • Basic Auth

Xray Self Hosted

Xray Cloud

Jira Self-Managed  (Jira Server / Data Center before Jira version 8.22.0)
  • Basic Auth

  • OAuth1

  • Basic Auth

  • OAuth1

Jira Self-Managed (Jira Server / Jira Data Center with or after Jira version 8.22.0)

  • Basic Auth

  • OAuth2

  • Basic Auth

  • OAuth2

Jira Cloud
  • Basic Auth

  • OAuth2

  • Basic Auth

  • OAuth2

Follow the steps depending on the chosen authentication method.

When to use basic authentication?

Basic authentication provides a simple mechanism to do authentication when experimenting with the REST API, writing a personal script, or for use by a bot. However, as basic authentication repeatedly sends the username and password on each request, which could be cached in the web browser, it is not the most secure method of authentication we support.

We recommend you use OAuth over basic authentication for most cases. OAuth requires more work to implement, but it uses a token-based workflow that is much more secure.

Connect Jira to Xray Using OAuth1

Note

This method is supported only for Self Managed Jira instances.

  1. Create a public key to input in Jira:

    For more information, see https://developer.atlassian.com/server/jira/platform/oauth/#create-an-application-link (Step 1, Create Application link).

  2. Copy your Jira URL into the dedicated box and click Generate Key.

  3. In Atlassian: Copy and input the generated Key into your Jira "Link application" - Public Key. Your integration is ready for testing.

  4. Click Next.

    A validation window will open with Jira validation that you need to allow to finish integration. If the window is not showing this message, go back to step 1.

    If the window does not appear, check your pop-up blocker settings, and then again try clicking on the Click here hyperlink shown in a modal window.

  5. After approving the connection, click Test Integration. If everything is correct, the Finish Step appears. You are advised to click Next to complete the Integration by creating a profile.

Connect Jira Cloud to Xray using OAuth2
  1. In your Jira account configure the Client and Secret ID.

    For more information, see https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/

  2. In Atlassian: When you are required to input your Scope Permissions, use the following list of permissions:

    read:issue-type:jira
    read:issue-type.property:jira
    read:project:jira
    read:project.property:jira
    read:user:jira
    read:application-role:jira
    read:avatar:jira
    read:group:jira
    read:issue-type-hierarchy:jira
    read:project-category:jira
    read:project-version:jira
    read:project.component:jira
    read:field:jira
    read:field-configuration:jira
    read:issue-meta:jira
    write:issue:jira
    write:comment:jira
    write:comment.property:jira
    write:attachment:jira
    read:issue:jira
    read:label:jira
    read:issue-security-level:jira
    read:issue.vote:jira
    read:issue.changelog:jira
    read:status:jira
    read:comment:jira
    read:comment.property:jira
    read:project-role:jira
  3. In Atlassian: When inputting your Callback URL, use the Copy Callback URL in the Xray Jira wizard. 

    Screenshot_2024-03-27_at_16_42_40.png
  4. From the Xray Jira wizard, copy the generated Client ID and Secret to the related boxes and click Next.

    A validation window appears with Jira validation

  5. Select the desired Atlassian account in the Authorize for Site dropdown and click Accept to complete the integration.

  6. After approving the connection, click Test Integration. If everything is correct, the Finish Step appears. You are advised to click Next to complete the Integration by creating a profile.

Connect Jira Self-Managed to Xray using OAuth2
  1. In the JFrog Platform:

    1. Navigate to Administration > Xray Settings > Integration. Click Add Jira Integration. A window opens up where you can configure the integration.

    2. Under Installation Type select Server. Under Authentication Type select OAuth2. Add an Integration Name and click on Next.

    3. Click on the copy icon to copy the callback URL and proceed to the next step.

  2. In the Jira platform:

    1. Navigate to the Administration page. Under the options of Integrations select the Application links tab.

    2. Click the Create Link button to create a new Application link. This will be used to connect to Xray. To learn more about Application links, see here.

      A window appears for creating the Application link.

    3. Under Application type select External application. Under Direction select Incoming. Click Continue.

      You will be redirected to the page for configuring the incoming link.

    4. Add a name for the link. Paste the callback URL from Xray in the Redirect URL input. From the Permission dropdown, select Write. Click Save.

      You will now be taken to the Credentials page where the Client ID and Client Secret will be shown. They will be needed in the next step.

  3. In the JFrog Platform:

    1. Copy the Client ID and Client Secret from the previous step and paste them under the Client ID and Secret inputs in Xray. Add the base URL of the Jira instance under the Jira URL. Click Next.

    2. A window opens asking for approval of the connection. Click Allow.

    3. After approving the connection, click Test Integration. If everything is correct, the Finish Step appears. You are advised to click Next to complete the Integration by creating a profile.

Connect Jira to Xray Using Basic Authentication
  1. In the installation type select Basic Integration and add the integration name.

  2. In your Jira account create an API Token. Use this link: https://id.atlassian.com/manage-profile/security/api-tokens

    For more information, see https://developer.atlassian.com/server/jira/platform/basic-authentication/

  3. From the Xray Jira wizard, provide the following:

    • The created API token

    • Jira URL

    • Your User Name"(email that Jira integration is registered)

  4. Click Next.

    You are all set. Continue to the next step, Profile Creation.