Jira Integration for API/Web/Cloud

Owned by Thomas Sileo
Last updated: Jun 21, 2022
2 min read

Data Theorem directly integrates with the Jira bug and issue tracking system, where tickets can be created and assigned automatically to any development team.

This integration will automatically export policy violations affecting your API, Web and Cloud Apps to Jira.

Overview

When the Data Theorem platform creates a Jira ticket, the following data is included in the ticket:

  • Which asset is affected

  • Details about the policy violation:

    • Description

    • Recommendation

    • URL to the violation in the Data Theorem portal

  • Custom Fields (based on how Data Theorem’s Jira integration was configured)

A sample developer workflow is as follows:

  1. Data Theorem creates a Jira ticket

  2. Developer fixes the issue

  3. Data Theorem performs a scan, marks the policy violation as “Fixed” in the Data Theorem portal, and then posts a comment in the corresponding Jira ticket to notify developers that the fix was detected.

    1. Please Note: Data Theorem will not update the status of an existing Jira ticket, for example to close the ticket. Instead, Data Theorem uses Jira comments posted on the ticket to provide updates (such as the issue being fixed). Your team is responsible for updating the ticket’s status appropriately.

Requirements

  1. The Jira instance must be publicly accessible (Cloud and Self-Hosted/On-Prem instances are supported).

  2. Whitelisting Data Theorem IP’s, necessary.

  3. Setting up the integration in the Data Theorem Portal.

Whitelisting Data Theorem’s IP Addresses

Please whitelist the following IP addresses to allow Data Theorem to properly connect: https://datatheorem.atlassian.net/servicedesk/customer/portal/1/article/1253671113.

Setting up the Integration

Data Theorem requires the following details in order to configure the Jira integration:

  • A dedicated Data Theorem account within your Jira instance:

    • You will need to provide the username and an API Token for the account. Instructions for creating an API Token can be found here.

    • The account will need the ability to create tickets and add comments.

    • It is strongly advised to restrict the account’s access to the specific Jira project that should be used for the integration.

    • Data Theorem does not currently support OAuth but rather relies on Basic authentication through the use of an API Token.

  • The URL to your Jira instance (ex: https://yourdomain.atlassian.net).

    • Please verify this field with your IT or Jira Admin.

To begin the integration process, complete the web form here, which gathers the remaining required information to connect Data Theorem to your Jira system.