Set up the Jira integration
The following are steps to set up the latest integration. Find the documentation on setting up the previous release at the bottom of this page.
Have someone with a User Manager role and access to the most groups in your organization set up this integration. The connection is made with the groups this person has access to.
After you have installed the Fluid Attacks app for Jira Cloud, follow these steps to set up the integration:
- From the top menu, click on Apps and then Manage your apps.
- Click on the Settings option for the Fluid Attacks app.
- Provide the Fluid Attacks API token and click Connect. To learn how to get this token on Fluid Attacks’ platform, read Generate or revoke the API token.
- Carefully read Fluid Attacks' disclaimer. Please bear in mind that you are agreeing to Atlassian's data policies. Click on Confirm to proceed.
- When the screen shows successful authentication, you can connect security containers (i.e., groups). Within your Jira project, go to Security and click Finish setup.
- Under Connected tools, find the Fluid Attacks app and click on Connect security containers.
- Under Connect security containers, click on your organization's name.
- Select the intended group(s) and click on Connect.
- Wait up to a few minutes while Jira retrieves the vulnerabilities reported in the platform.
Successful authentication
Finish setup option
When the reported vulnerabilities start appearing, you can see their details and the options to link to a Jira issue or create a Jira issue to link.
Previous release
A more recent release is available. You are advised to install it and follow the steps above.
Permissions required: To set up this integration, you need the permission “Administer Jira” on Jira Cloud.
After you have installed the Fluid Attacks app for Jira Cloud, follow these steps to set up the integration:
- Open the Jira project that you wish to connect with Fluid Attacks’ platform.
- Select Fluid Attacks under APPS in the left-hand menu.
- You will get a message with the path to set up the Fluid Attacks app.
- Provide the Fluid Attacks API token in the screen shown below and click Connect. To learn how to get this token on Fluid Attacks’ platform, read Generate or revoke the API token.
- Select the corresponding group on Fluid Attacks' platform and click Save. You will get a “Settings saved” message confirming the process was successful.
Note: To generate the API token your client role on Fluid Attacks’ platform must be either User, Vulnerability Manager or User Manager.
Upon clicking on Back to project, you will be directed to the section of your project dedicated to the Fluid Attacks app. There, if you are the Jira instance admin or have the permission "Administer Jira," you can see the reported vulnerabilities with their details and the options to link to a Jira issue or create a Jira issue to link.
Note: To access linked vulnerabilities and request reattacks on Jira Cloud, you must have the permission to assign or be assigned issues.
Free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.