All Collections
Organisations
Integrations
Jira
Jira
L
Written by Lise
Updated over a week ago

The Intigriti integration with Jira provides the ability to seamlessly integrate your Intigriti programs with your existing Jira projects. More specifically, it allows you to create Jira issues containing the desired submission details and will keep them in sync too.

Connecting to a Jira instance

What do I need?

  • A Jira administrator to help you create an integration user and set up an application link in case of a Jira Server or Data Center instance.

  • A company administrator to help you set up the connection between Jira and Intigriti.

Step-by-step: Jira Cloud

  • Go to Intigriti > Admin > Integrations > Jira Cloud.

  • Click 'Add connection'.

  • Add a connection name and logo.

  • Insert your Jira URL: https://*.atlassian.net

  • Click 'Connect'.

  • Log in as Intigriti integration user on the Atlassian page.

  • Optional in case of multiple Jira instances: Select the correct Jira instance.

💡If the integration user has access to multiple Jira instances and you accidentally selected the wrong instance, simply reconnect to Jira and choose the correct instance to rectify the situation.

  • Click 'Accept' and grant Intigriti read and write access to your Jira data.

When the Jira Connection is set up successfully, you will be able to see the details of the authenticated user and you can start configuring integrations between your Intigriti programs and Jira Projects.

Step-by-step: Jira Server / Data Center

❗It's not possible to connect to a Jira Server that is behind a VPN.

  • Open both Intigriti and Jira.

    • Go to Intigriti > Admin > Integrations > Jira Sever.

    • Go to Jira > Jira Administration > Applications > Application Links.

  • Intigriti

    • Click 'Add connection'.

    • Add a connection name and logo.

    • Copy the Intigriti Application URL (https://app.intigriti.com) to your clipboard.

  • Jira

    • Insert the Intigriti Application URL (https://app.intigriti.com) in the Application URL field.

    • Click 'Create new link'.

    • Add 'Intigriti' as Application Name.

    • Select Application Type 'Generic application'.

    • Check 'Create incoming link': ✅

    • Copy the Application URL to your clipboard.

    • Click 'Continue'.

💡When linking applications in Jira, make sure to only provide the necessary information mentioned above. By doing so, you can ensure that all other application link input fields remain optional, simplifying the process.

  • Intigriti

    • Go back to the Jira connection configuration page.

    • Insert the copied Jira URL.

  • Jira

    • In the same Link applications modal, enter the following information:

      • Consumer Key: IntigritiJiraClient

      • Consumer Name: intigriti

      • Public Key:
        -----BEGIN PUBLIC KEY-----
        MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0vF2YmsS1g50pOa2kJ7eeYmXxZmqet4Btoe0q65REny+4x63rhKHMeJWPXh6c//CaWyyvcp8xrq9Ofl+SkmiklgTVxi7DyVWktQ60lQZZzW89kzikbZBwhXGyUQMow0YpGxQgmNJxt5BUsfvULyDMX3RFeIuc1IosiG5d3h5JowIDAQAB
        -----END PUBLIC KEY-----

    • Click 'Continue'.

  • Intigriti

    • Go back to the Intigriti Jira connection configuration page.

    • Click 'Connect'.

  • Jira

    • Authenticate with the Intigriti integration user.

    • Click 'Allow' and grant Intigriti read and write access to your Jira data.

💡If the integration user has access to multiple Jira instances and you accidentally selected the wrong instance, simply reconnect to Jira and choose the correct instance to rectify the situation.

When the Jira Connection is set up successfully, you will be able to see the details of the authenticated user and you can start configuring integrations between your Intigriti programs and Jira Projects.

Integrating with a Jira project

What do I need?

  • An active connection between the relevant Jira instance and Intigriti.

  • A program administrator to configure the integration between the Jira instance and Intigriti platform.

Step-by-step

  • Go to Program > Integrations > Jira Cloud or Jira Server.

  • Click 'Open configuration'.

  • Click 'Add integration'.

  • Add a Jira integration name (e.g. the name of the Jira project.). This will be the name that is visible to Intigriti program members as a reference to the Jira project.

  • Add a logo.

  • Select the Jira connection via which the project can be accessed.

  • Select the Jira project you want to integrate with.

💡If your Jira project is not visible in the drop-down, please contact your Jira administrator to ensure that the Intigriti integration user has the required project permissions in Jira.

  • Select the Jira Issue creation trigger or event on which you want to create a Jira issue in case you want to push submission details automatically to the selected Jira Project.

💡The 'Create Jira Issue' option will remain available, allowing you to push the submission to Jira whenever needed. We will prevent duplicate creation, even when combining manual and automatic pushes.

  • Select the Jira Issue type.

  • Add up to 10 Jira labels. These static labels will be added to each Jira issue.

  • Map the following submission properties to values of issue properties if desired:

    • Submission severity - Issue priority

    • Submission status - Issue status

    • Submission closed reason - Issue resolution

  • Indicate if the default submission template must be added to the issue description, containing the following information:

    • Submission references: code, URL, internal ref, internal link

    • Submission information: status & creation date

    • Researcher information: username & IP address

    • Report content: severity, domain, endpoint, type, PoC, impact, solution, Q&A, attachments

❌ The following information is not part of the template: submission tags, groups, assignee and payouts.

  • Indicate if submission messages and attachments must be added to the Jira issue comments. You can select one or more of the following message types:

    • Messages posted by researchers

    • Messages posted by Intigriti triage

    • Messages posted by company users

    • Submission event messages

  • Click 'Activate'.

  • Indicate whether you want to automatically delete the test issue that will be pushed to your Jira Project upon activation. You can also delete it manually after confirming the integration.

  • 'Confirm' you want to activate the integration.

❗If the test issue creation fails, it indicates that your configuration may not be compatible. Please verify that the integration user has the necessary permissions. If the issue persists, contact your customer success manager for further assistance.

FAQ

Why are certain attachments not pushed to Jira?

The Jira integration behaves differently for Jira Cloud and Jira Server when it comes to attachments. The maximum file size for attachments on the Intigriti platform is 1 GB.

For Jira Cloud, file size shouldn't be an issue as the default limit is 2 GB. However, if you have customized the setup and lowered the file size limit to something less than 1 GB, there may be problems if the attachment exceeds the allowed size. In such cases, the integration will cease to sync the file and it won't be attached.

Regarding Jira Server, syncing large files can encounter issues due to potential timeouts in server requests. There is a timeout limitation on the Jira server side, which is set to 5 minutes. Consequently, big files that take longer than 5 minutes to upload may encounter problems. In such cases, all other content (attachments, messages, etc.) will be sent except for the excessively large file. The Jira connection and integration will remain active.

To adjust file attachment settings, please refer to this guide.

Why is my integration suddenly inactive?


There can be a few reasons why a Jira integration becomes deactivated on the platform.

  1. Your company administrator has deactivated or removed the connection between Intigriti and the Jira instance.

  2. Your company or program administrator has manually deactivated the program's Jira integration.

  3. Your integration was automatically deactivated due to persistent errors.
    Most common issues are:

    1. The Jira issue can't be found as it has been moved or deleted.

    2. The Jira issue can't be found as the project has been removed or renamed.

    3. The submission contains special characters that are not allowed by Jira.

    4. The permissions of the Jira integration user have been modified.

Can I push submission info to multiple Jira projects?

Depending on your organization's structure it might be beneficial to set up multiple integrations for one program. This allows you to share submission details with (a combination of) multiple teams within your organization e.g. operations teams, security teams, …

Intigriti fully supports this in both Jira Cloud and Server. You can simply repeat the process above as many times as needed to make this happen.

Which permissions should I assign to my Jira integration user?

When setting up your program Jira integration, you might experience one of the following issues:

  • Desired Jira project is not visible in the drop-down

  • Desired issue type is not visible in the drop-down

  • Jira Issue priorities or statuses can't be mapped (No items found)

In this case, it's likely that your Jira integration user does not have the required permissions to successfully configure and activate the Jira integration.

Make sure that the Jira integration user has the following permissions:

  • Project permissions

    • Browse programs

    • View (read-only) Workflow

  • Issue permissions

    • Create issues

    • Edit issues

    • Transition issues

    • Resolve issues

    • Close issues

    • Delete issues (Optional)

  • Comments permissions

    • Add comments

  • Attachments permissions

    • Create attachments

Go to the Atlassian website for more information on:

Did this answer your question?