Security


Znalezione obrazy dla zapytania security icon free

User credentials

Our solution does not require to provide any remote user credentials

All changes are made on behalf of (local) Technical User account. Changes are made via JIRA REST API and JIRA JAVA API but those calls are internal (within the same server).

Data exposition

You don't expose any additional information except defined in your Contract.

Communication control

You can stop communication at any time and no data will be read/write to your JIRA (see status of Contract, invalidating Connection configuration or disabling some triggers on your Contract).

API accessCommunication between JIRAs is only via plugins API (no direct access to JIRA REST API methods).
Authentication

Authentication is made by the token provided in Connection's configuration.

SSL

SSL is recommended and supported. Check how to deal with SSL.

Verification

Incoming network communication must match Connection's URL provided by JIRA administrator.

Firewall

If one of JIRA cannot be exposed over network use Push & Pull Communication Model. (Behind Firewall scenario in Use Cases).

Communication is bidirectional even when one JIRA is behind firewall. In that case 'Active' JIRA (one that can see the public JIRA) do push and pull.

Our solution (Server-Server) does not use any intermediate server (like SMTP) to send-receive data. Because of that we do not support scenarios where both JIRAs are behind firewall.