Securely connect your GitHub Enterprise Server with GitHub for Jira using API Key Pre-Authorization

DVCS Connector will be sunset on Mar 31, 2024. We strongly encourage you to upgrade to GitHub for Jira to avoid any interruptions and take full advantage of its benefits. If you were concerned about the security to move your GitHub Enterprise Server connection to GitHub for Jira, this new API key pre-authorization security feature is what you are looking for to upgrade.

(You can start upgrading today: GitHub for Jira | Atlassian Marketplace, and follow instructions: Integrate Jira Software with GitHub Enterprise Server | Atlassian Support)

 

GitHub for Jira is a popular app that allows you to integrate your GitHub Enterprise Server and Jira Cloud. It streamlines the process of tracking your development and deployment work by automatically linking your GitHub commits, pull requests, branches and CI/CD data to your Jira issues.

However, customers with GitHub Enterprise Server behind firewalls may be hesitant to use GitHub for Jira, due to concerns about opening up a ‘hole’ on the firewalls to allow traffic from GitHub for Jira.

 

At Atlassian, we listen to our customers. To make it easier and more secure for enterprise customers to use GitHub for Jira integration, we've recently released a new feature: API key pre-authorization for GitHub Enterprise Server.

In this blog post, we'll explain how the API key pre-authorization works, and how you can use it to connect your GitHub Enterprise Server to Jira Cloud with confidence.

 

What is API key pre-authorization?

API key pre-authorization is a new security feature in the GitHub for Jira integration, that lets you integrate with private GitHub Enterprise servers that can't be accessed via the public internet.

The API key is a secret string that is shared exclusively between the API gateway and the app within your tenancy, adding an extra layer of security to your system, and making it more secure and easier for enterprise customers to connect their GitHub Enterprise Server.

 

How to use API key pre-authorization:

1. Set up API gateway or reverse proxy in your network

To enable this feature, you’ll set up a public API gateway or a reverse proxy to forward requests to your GitHub Enterprise Server. Subsequently, the server will perform pre-authorization by examining the configured custom HTTP header to detect a specific “secret” string or API key.

(For inspiration, see our nginx instance sample configuration: github-for-jira/sample-reverse-proxy-nginx.conf at main · atlassian/github-for-jira)

 

2. Add and update API key in GitHub for Jira’s configuration

You can set up the API key when connecting GitHub for Jira with your GitHub Enterprise server, and update the custom API key in GitHub for Jira’s configuration.

We've documented the process of using API key-based pre-authorization in our support documentation. You can find step-by-step instructions in this article: Connect a GitHub Enterprise Server account to Jira Software.

Here’s a quick overview of steps if you are connecting GitHub Enterprise Server with API key pre-authorization for the first time:

1. Install the GitHub for Jira app from the Atlassian Marketplace.

2. Get started on the configuration and Select Connect GitHub organization.

3. Enter your GitHub Enterprise Server URL and click "Continue".

4. In the API key pre-authorization section, enter your custom API key and click "Save".

5. Finish the reset of the configuration steps.

That's it! Your GitHub Enterprise Server is now securely connected to Jira Cloud.

 

Give it a try today!

 

Need help or have questions?

If you have any trouble connecting your GitHub Enterprise Server to Jira Cloud, our support team is here to help. Please don't hesitate to contact us.

Have an idea to improve the app? Share your thoughts here (When creating tickets, please select the project-"Jira Software Cloud" and the component-"Integration - GitHub - Marketplace")