I am developing a Jira plugin that will require the user credentials to be sent to an external backend hosted on AWS to perform some tasks and display the results back in Jira as Issues via APIs. My questions are
1- Is it allowed to send the credentials to an external service ?. Of course it will be clearly stated that the username/password will not be saved anywhere and this is part of the functionality of the plugin.
2- I know that sending requests to external service is allowed but in such scenario do you believe there are any hidden points i should be aware of ?.
3- Are there any restrictions when it comes to communication with external services ?. I couldn't find any
Thanks in advance
I think, in theory, you could do this. Legally, I'm not qualified to go into it. So I'm not sure about "allowed".
However, on a technical level, it doesn't matter. You can not send the credentials from Jira to another service, as Jira does not have them. There's nothing it can send.
You need to be looking at shared authentication systems if you want to do this. Not username/password.
Hey there Cloud Community members! We’re excited to give you the first glimpse of the new home for business teams on Jira — Jira Work Management. Jira Work Management is the next generation of J...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events