Jira

Suggest Edits
You can connect your Jira project board to a Bright scan, for tickets to be automatically opened for each security vulnerability detected. Each ticket contains the following information:
  • Issue severity level
  • Details of discovery
  • Possible exposure
  • Remediation suggestions

For each new scan, you can select different Jira projects integrated with your Bright projects.

🚧

Warning

If your Jira project sets any required fields for all tickets (for example, components), then Bright will not be able to open tickets for detected issues. Please check your project settings and change them if necessary.

Prerequisites

  • The Bright connection to the On-Premise Jira is enabled via the Bright CLI. For that, you need to have the Bright CLI installed on your machine. See the installation instructions here.
  • Create a Repeater using Bright web app (for more details, see the article)
  • Create or use existing Organization/User API key
  • Start the repeater using this option: bright-cli repeater —REPEATER ID —TOKEN
    • for REPEATER ID use the ID of the created repeater
    • for TOKEN use the token from the Organization/User API key

Step-by-step guide

Connecting Bright to Cloud Jira account

  1. Go to the Bright app.
  2. In the left pane, select Organization.
  3. On the Organization page, scroll down to the INTEGRATION section.
  1. Click next to Jira, and then select Settings.

  1. Specify the Base URL, an Email, and the Access Token from the Prerequisites chapter:

  2. Select the On-Premise Jira checkbox and select the newly created repeater from the list.

  3. Click the Save button

🚧

Important

For security purposes, make sure to use the API token of a specific Jira profile (not the Admin/Organization level).

The Bright connection to Jira is enabled, which is indicated in the Enabled column. The Connectivity column is designed to indicate a local Jira Server connection status, which is irrelevant in this case.


On-Premise Jira (legacy)

In the Access Key field, copy an automatically generated INTEGRATION_ACCESS_KEY. You will need it to run the CLI command that enables connection to your On-Premise Jira account.
c) Open your console and run the following CLI command: 

bright-cli integration --access-key $INTEGRATION_ACCESS_KEY --base-url https://your-cluster.atlassian.net --user $USERNAME --password $PASSWORD --token $API_TOKEN

📘

Notes

  • Sample variables are marked with a $. You must substitute them for your real values.
  • If your Jira username or password includes any special characters (for example, "pa$$word"), enclose the entire username or password in single quotes.

This is the basic configuration of the command that connects Bright to an On-Premises Jira account. For more information about the command and its options, see Integrating with an On-Premise Ticketing Service.

Once you connect Bright to the On-Premise Jira via the Bright CLI, the Connectivity status in the INTEGRATION section changes to Connected. The Enabled column indicates the Cloud Jira connection status, which is irrelevant in this case.

Configuring Jira integration with Bright projects

After you have connected Bright to your Cloud or On-Premise Jira, you need to integrate one or multiple Jira projects with the Bright project to be used for a scan. The integration allows Bright to automatically open tickets with the detected issue details on the associated Jira boards. Moreover, you can set a certain severity level for issue tickets to be opened.

To integrate a specific Bright project with your Jira project(s), follow these steps.

Updated about 2 months ago