.png?sv=2019-07-07&sig=sqvD4jHoONiz9a4mYVVcPvICnBvR%2FCMqLKAbFGpo8QE%3D&spr=https%2Chttp&st=2023-09-23T23%3A45%3A26Z&se=2023-09-23T23%3A55%3A26Z&srt=o&ss=b&sp=r){kind=logo}
Atlassian (Formerly Atlassian Jira Software)
- 14 Sep 2023
- 5 Minutes to read
- Print
- DarkLight
- PDF
Atlassian (Formerly Atlassian Jira Software)
- Updated on 14 Sep 2023
- 5 Minutes to read
- Print
- DarkLight
- PDF
Article Summary
Share feedback
Thanks for sharing your feedback!
Atlassian (formerly Atlassian Jira Software) is a work management tool for various use cases, from requirements and test case management to agile software development.
This adapter lets you fetch data and get visibility and security across all Atlassian accounts and products at your company, including the users managed under the following cloud products:
- Jira Software
- Jira Work Management
- Jira Service Management
- Confluence
- Bitbucket
- Trello
- Opsgenie
Types of Assets Fetched
This adapter fetches the following types of assets:
- Users
- SaaS data
Parameters
Jira Domain (required) - The hostname or IP address of the Jira Software server.
User Name (required)* - The username for a user account that has the Required Permissions to fetch assets.
Password (only for accounts with SaaS Management capability) - The password for the Atlassian user account.
API Token (required) - An API Token associated with a user account that has the Required Permissions to fetch assets. Note: The API Token is not the same as the Admin Key.
Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.
HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.
Jira API Version (required, default: V3) - Select your Jira API version.
Atlassian Admin API - Organization ID and Atlassian Admin API - API key (only for accounts with SaaS Management capability) - The organization ID and an organization API key generated for fetching SaaS data.
2FA Secret Key (only for accounts with SaaS Management capability) - If you access Atlassian through an SSO solution that requires two-factor authentication, you will need to generate a secret key in that solution and paste it here. See instructions for performing this action in Okta.
Connection Label (required for accounts with SaaS Management capability) - A label to help distinguish between multiple connections for the Atlassian adapter.
To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.
Advanced Settings
Note:
Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to Advanced Configuration for Adapters
- Do not fetch disabled users (required, default: false) - Select whether to exclude fetching disabled users.
- Distinguish User ID From Different Domains - When selected, the Atlassian domain is appended to the ID of each user, to allow Axonius to fetch the same users from multiple sites without overriding the data.
- Fetch projects and project roles (only for accounts with SaaS Management capability) - Select this option to fetch projects and project roles.
- Fetch groups (only for accounts with SaaS Management capability) - Select whether to fetch users groups details.
- Fetch permissions (only for accounts with SaaS Management capability) - Select to fetch permissions configured for the Atlassian accounts in your organization.
- Fetch settings (only for accounts with SaaS Management capability) - Select to fetch settings configured for the Atlassian accounts in your organization (only for accounts with SaaS Management capability).
- Filter users without site access (only for accounts with SaaS Management capability) - Select to exclude users who cannot access the Atlassian site.
- Number of parallel requests (only for accounts with SaaS Management capability) - Specify the maximum parallel request this adapter will create when connecting the Atlassian server.
- This setting lets you control the performance of this adapter.
Note:
To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.
API
Axonius uses the Jira Cloud platform REST API*.
Required Permissions
The value supplied in User Name must have Jira 'global' permissions to fetch assets. For permissions required for fetching Saas data, see the Create a User Account and Create an Organization API Key sections.
Create a User Account
Note: While to access SaaS data you need to grant roles and/or permissions that include write capabilities, the adapter only actually reads data from the application.
Note:
- This step is only needed for fetching SaaS data.
- If single-sign-on is enabled, then it is recommended to derive the username and password from a user account maintained by the single-sign-on solution.
You must have the Jira Administrator or Jira System Administrator global permission to be able to manage users in Jira applications.
To create a new user, from the Atlassian Administration:
- Go to Administration > User Management.
- In the User browser, select Create User.
- Enter the Username, Password, Full Name, and Email address.
- The password length should be at least 32 characters.
- The user account needs to have MFA disabled.
- Select all Jira applications.
- Select the Create button.
- To fetch data from the Atlassian Access, the created account must be an admin:
- Go to Settings > Administrators.
- Click Add administrators.
- Enter the created Atlassian account email address and click Grant access.
- If the created account has not been set as an admin, to fetch data from Jira, edit that user and add them to groups that provides the following permissions:
- Administer Jira global permission
- Browse users and groups global permission
- Administer projects project permission (for all projects)
- If the created account has not been set as an admin, to fetch data from Confluence, edit that user and add them to groups that provides the following permissions:
- Permission to access the Confluence site ('Can use' global permission).
- 'View' permission for all spaces.
Create an Organization API Key
Note: While to access SaaS data you need to grant roles and/or permissions that include write capabilities, the adapter only actually reads data from the application..
Note:
This step is only needed for retrieving SaaS data.
- Login to admin.atlassian.com with the created Atlassian account. Select your organization if you have more than one.
- Select Settings > API keys.
- Select Create API key in the top right.
- Enter a name that you’ll remember to identify the API key.
- Set the latest date possible for the key expiration date. You will be unable to select a date longer than a year from the date of creation.
- Select Create to save the API key.
- Copy the generated Organization ID and API key.
- Select Done. The key will appear in your list of API keys.
- In Axonius, paste the copied values in the Atlassian Admin API - API Key and Atlassian Admin API - Organization ID fields.
Create an API token
Note: While to access SaaS data you need to grant roles and/or permissions that include write capabilities, the adapter only actually reads data from the application.
- Login to admin.atlassian.com with the created Atlassian account, and generate an API token, using the following URL: https://id.atlassian.com/manage/api-tokens#
- To generate an API Token, click on Create API token
- Choose a label that is short, memorable, and easy to remember, and click Create.
- Copy the generated API token.
- In Axonius, paste the copied token in the API Token field.
Version Matrix
This adapter has only been tested with the versions marked as supported, but may work with other versions. Please contact Axonius Support if you have a version that is not listed and it is not functioning as expected.
| Version | Supported | Notes |
|---|---|---|
| V3 | Yes |