Are there known security risks when enabling the remote APIs in Confluence?

Hi,

to link Confluence pages in JIRA the remote APIs need to be enabled. Are there any known issues connected to either linking Confluence and JIRA or enabling the APIs?

Any advice, point where to look or link to documentation is appreciated.

Thanks!

KR,
Iakov

1 answer

1 accepted

0 votes
Answer accepted

Hi,

I experienced this one:

Invalid name for a single Jira user made Confluence inaccessible for any user.

It also applies to Jira-Jira linking and Jira-Crowd.

More info:

https://jira.atlassian.com/browse/CWD-3740

https://jira.atlassian.com/browse/JRA-32029

Andris.

Hi Andris,

Thank you for your answer. In our setup we're using delegated LDAP as user directory so that the issues you mentioned doesn't apply.

Are there other known issues when remote APIs are enabled?

KR

Iakov

LDAP may or may not solve that issue. If there will be wrong character in username in LDAP you will not be able to synchronize jira or confluence to jira instance which uses that particular LDAP.

We also had issue where by opening project in jira, project timeline showed all the last changes from confluence (not related to that project). I suggest to test it before you go to production. Probably it was caused by incorrect setup - not sure.

OK, I will keep that in mind.

Many thanks!

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Mar 12, 2019 in Confluence

Confluence Admin Certification now $150 for Community Members

More and more people are building their careers with Atlassian, and we want you to be at the front of this wave! Important Dates Start the Certification Prep Course by 2 April 2019 Take your e...

1,334 views 2 13
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you