Note: Jira OAuth 2.0 is currently available in a beta program. If you'd like access to this new authentication method, reach out to your Pluralsight contact.
Now you can authenticate Flow with Jira using OAuth 2.0, instead of the previous OAuth 1.0a option. If you have an existing Jira integration using either OAuth 1.0a or access token, follow the steps below to update your credentials or create a new integration.
This new authentication mechanism makes integrating Flow with Jira much simpler. You’ll also benefit from improved security, since OAuth 2.0 uses short-lived and revocable access tokens, as well as allowing you to grant more fine-grained access scopes to Flow.
Note: Jira Oauth 2 is available for Jira Cloud and Jira Data Center. If you are using a Jira Server product, you must use an access token for authentication.
In this article
Permissions and scopes
Integrations using OAuth 2.0 require the same user permissions for your service account as our other Jira authentication methods. Read more about user permissions in the Jira Cloud and self-hosted setup article.
However, Flow requests access to a more select list of read-only scopes as part of our connection to gather the data we require. You’ll see a full list of these scopes when you accept the connection between Flow and Jira as part of creating a new integration or migrating your existing integration.
Note: While the service account user must have the Create issues permission, Flow only requests read-only scopes during the OAuth flow. This means Flow does not have the ability to write to your Jira.
The Create issues permission is required for Flow to ingest issue type metadata. While this is a read/write permission, the granular scopes requested during OAuth ensure Flow does not actually have write access to your Jira system in any capacity. If Flow adds functionality in the future that requires more scopes, you will need to specifically authorize those additional scopes during OAuth. They cannot be increased without your direct acceptance.
Prerequisite steps for Jira Data Center
If you have a Jira Data Center integration, you must configure an application link (external site, opens in new tab) in Jira before taking any steps in Flow. When configuring this link, ensure:
- The callback/redirect URL is set to
https://flow.pluralsight.com/accounts/complete/jira-data-center
- The application permissions are set to
read
Once your application link is created, copy the Client ID and Client secret to input in Flow later.
Tip: Make sure to label your application link so you can easily tell which one is for Flow. If you ever need to reauthenticate, you’ll need to find the Client ID and Client secret again.
Create a new Jira integration
Important: If you have an existing Jira integration, follow the migration instructions to update your authorization mechanism. Do not create a new integration to duplicate your existing integration.
To create a new Jira integration:
- On the Integrations page, click Add integration.
- Click Jira Cloud & Self-managed.
- Select OAuth.
- Enter your Base URL, starting with https and excluding any trailing slashes.
- If Flow detects that your base URL is not a Jira Cloud URL, Flow will open additional fields for Client ID and Client secret. Enter the values from your application link in Jira Data Center.
- Click Connect with OAuth.
- In the resulting window, log in to the Atlassian account for the service account, if prompted.
- Select which Jira organization to authenticate with.
- Review the requested scopes, then click Accept. This will close the new window.
- In Flow, click Next.
Once your authentication is complete, enable or disable services, then name your integration to complete your integration setup.
Migrate an existing Jira integration
To edit an existing Jira integration:
- Click Edit on the integration’s details page.
- Select OAuth.
- Enter your Base URL, starting with https and excluding any trailing slashes.
- If Flow detects that your base URL is not a Jira Cloud URL, Flow will open additional fields for Client ID and Client secret. Enter the values from your application link in Jira Data Center.
- Click Connect with OAuth.
- In the resulting window, log in to the Atlassian account for the service account, if prompted.
- Select which Jira organization to authenticate with.
- Review the requested scopes, then click Accept. This will close the new window.
- In Flow, click Next.
Once your authentication is updated, rename your integration if desired to complete your integration setup.
Note: Updating your integration method and credentials will not affect any already-ingested data in Flow. Ensure you’re authenticating with a service account that has the correct permissions to ensure new data continues to ingest correctly.
Once your integration is processing correctly, please delete any previously-created application links for OAuth 1.0a from Jira.