Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

End to End Encryption

Islam Bahnasy
Islam Bahnasy March 21, 2023

Does Jira and other Atlassian products provide End-to-End encryption on their servers? meaning that data only gets decrypted on the client side and Atlassian cannot access this data?

Answer
Watch
Like Be the first to like this
1017 views

1 answer

0 votes
Dirk Ronsmans
Dirk Ronsmans
Community Champion
March 21, 2023

Hey @Islam Bahnasy ,

On the Atlassian Trust Center you can find the information you are looking for.

https://www.atlassian.com/trust/security/security-practices#encryption-of-data

 

image.png

View More Comments
Islam Bahnasy
Islam Bahnasy March 21, 2023

Thanks for your reply but I'm not asking about data transfer as it's of course using TLS session, and not about disk encryption.

But I mean End-to-End where data is only decrypted in the client side (the browser) and remains encrypted on the server which means that Atlassian employees cannot access it in plain text.

Like
Rupert Jung
Rupert Jung
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
July 4, 2024

Yes, I was also wondering why this isn't supported. 

  • Enter key in browser
  • Save hash of key in cookie
  • Use this key to encrypt and decrypt all loaded data directly within the browser (javascript or webassembly)
  • Key does never leave the browser

 

THAT would be real security.

Like
Metin _savignano software solutions_
Metin _savignano software solutions_
Atlassian Partner
July 4, 2024

The contents of cookies are supposed to be sent to the server, so that won't work.

However, I get your idea, yet that doesn't work for structured data that needs to be processed by the server app (like for indexing, referencing, searching).

Like
Rupert Jung
Rupert Jung
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
July 5, 2024

Yes, maybe the local storage may be a better idea or just save the secret on a secure place within the browser.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
PERMISSIONS LEVEL
Product Admin
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security