Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira slack link escapes Chrome Profile sandbox

Nate Gallaher
Nate Gallaher
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
January 8, 2025

I have two Chrome Profiles set up on my desktop computer. One is for Work, and the other is for Personal.  Chrome profiles keep cookies, history, password managers, extensions, etc all separate from each other.   

This generally works for all websites that I've interacted with, with the exception of JIRA Cloud Slack links. If I click on a slack link for a project that only my Work profile should be able to read, but it's opened in my personal profile, I find that I am suddenly logged in to JIRA with my work email account, but in my Personal chrome profile which should not know anything about my work life.  I am guessing that JIRA Slack links with their `atlorigin` argument are somehow pre-authenticated as my user and cause the browser to skip the auth workflow.   I would like this to not be the case.

How can I ensure that JIRA links from slack go through the appropriate authentication?

This is not new behavior and has been ongoing for some years now across many Chrome and (I presume) JIRA Cloud updates.

Auth mechanism: Google integration
Chrome version: (currently) Version 131.0.6778.204 (Official Build) (64-bit)

Reproduction:

  1. Create two profiles in Chrome. (Profile A, Profile B)
  2. Open a browsing instance in one of each. (Instance A, Instance B)
  3. Have most recently had Instance A active.
  4. Open Slack with the Jira Cloud App connected.
  5. Open the Jira slack app entry and click on any JIRA issue link.
  6. See that the link is opened in Instance A.
  7. Click on Instance B to raise it.
  8. In Slack, click on the issue link again.
  9. See that the issue is opened in Instance B.
  10. Authentication workflows were not completed in either instance and yet private access is achieved.

Desired behavior:
JIRA Slack links are not pre-authorized and instead require the user browser to have acquired credentials itself.  Thus, a link being opened in a Personal profile would be stopped at the login screen, whereas a link opened in my work profile would succeed as long as I had previously logged in to JIRA in the profile.

What I Have Tried:

  • Force-logout of JIRA in each profile
  • Chrome cookie purge
  • Chrome history purge
  • Reinstalled computer / browser
  • Reviewed available configuration items for Slack/JIRA integration and found no relevant pre-auth link option.
Answer
Watch
Like Mirek likes this
435 views

1 answer

0 votes
Mirek
Mirek
Community Champion
January 28, 2025

HI @Nate Gallaher 

Looks like a pretty odd behavior probably because cookies are shared across profiles.. I guess using completely different browsers for Work and Personal is not an option right? :)

If not then I would try to disable specific cookies (for Slack/Jira) and see how this behaves after or incognito mode or maybe use different Slack workspaces - have it for work and personal - just make sure that you are logged in to them only on specific profiles (Work profile -> Work Slack) .. 

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security