Security Concerns with a profile created interact with GitLab

Collista Lewingdon
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
December 13, 2022

Before I started at my job, the Confluence and Jira system had been set up by a software developer. He created a profile to interact with the source control system GitlLab and gave that profile access as site admin. When I started he informed me that the profile needed to remain a site admin in Jira because of the API's in GitLab being tied to it and they won't work unless the profile is an administrator. Since I have started I noticed several security concerns with our system and have really reigned in control of the system, taking away admin privileges from pretty much everyone. (They were given out like candy prior to me) . This profile that is only supposed to be being used to source control system is now doing things in the system that have been restricted to space admin, like creating Spaces and Projects. Does anyone know if this user profile truly needs to have site admin rights to run the API's or will a lesser security access allow the same things to be accomplished?

1 answer

0 votes
Trudy Claspill
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 13, 2022

Hello @Collista Lewingdon 

What method was used to set up the integration? Was a third party app used? Have you checked the documentation for that method to find out what access is required?

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
STANDARD
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events