What is the best way to secure/limit access of the account used by Jira Mobile Connect?

Systems Engineering
November 9, 2011

What is the best way to limit the account used by Jira Mobile Connect (API) so that it can submit issues but otherwise does not really have access to any other projects or even other issues in the same project that it is submitting against? We don't want to expose ourselves unnecessarily.

Thanks in advance for the guidance.

1 answer

1 vote
Systems Engineering
November 15, 2011

This may not be the best or most elegant way to handle this, but here's what I did:

  • created a role account - we'll call it "submit issues only"
  • added the user used by the api key to the role in the given project
  • created a new permission scheme - we'll call it "basically no perms"
    • In that scheme added "submit issues only" role to "create issues" and "create attachments"

We added additional security that limited the scope of Jira access from "outside" and this is where we have landed. If only Atlassian cared to document some best practices (and/or care about security) we would _know_ if this was the best way to handle this within the constraints of their software.
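
One way to check that a setup like the one in the answer above really leaves the account with only those two grants, as an added example that is not part of the original post or Atlassian's code. It assumes you have fetched `GET /rest/api/2/mypermissions?projectKey=<KEY>` as the service account for each project; the project keys `MOBILE` and `OPS`, the sample responses and the permission key spellings are assumptions.

```python
# Added example: audit a Jira submit-only account against the two grants from
# the answer. Each input is the JSON body of GET /rest/api/2/mypermissions
# ?projectKey=<KEY>, fetched while authenticated as the service account.

# Assumption: permission key names as used by recent Jira versions; older
# releases use different spellings, so adjust to what your instance returns.
ALLOWED = {"CREATE_ISSUES", "CREATE_ATTACHMENTS"}


def granted(response):
    """Permission keys the account actually holds in one response."""
    perms = response.get("permissions", {})
    return {key for key, p in perms.items() if p.get("havePermission")}


def audit(responses, submit_project):
    """responses maps project key -> mypermissions JSON. Returns findings as
    (project, "EXCESS" | "MISSING", permission_key) tuples, sorted."""
    findings = []
    for project in sorted(responses):
        have = granted(responses[project])
        expected = ALLOWED if project == submit_project else set()
        findings += [(project, "EXCESS", k) for k in sorted(have - expected)]
        findings += [(project, "MISSING", k) for k in sorted(expected - have)]
    return findings


def _sample(**flags):
    """Build a constructed response with only the fields the audit reads."""
    return {"permissions": {k: {"key": k, "havePermission": v}
                            for k, v in flags.items()}}


# Constructed sample data; MOBILE and OPS are hypothetical project keys.
SAMPLE = {
    "MOBILE": _sample(CREATE_ISSUES=True, CREATE_ATTACHMENTS=False,
                      BROWSE_PROJECTS=True),
    "OPS": _sample(CREATE_ISSUES=True, BROWSE_PROJECTS=False),
}

if __name__ == "__main__":
    for project, kind, key in audit(SAMPLE, submit_project="MOBILE"):
        print(f"{project}: {kind} {key}")
```

An empty result means the account holds exactly the two create permissions in the submission project and nothing in the others; global permissions returned by the same endpoint are flagged as excess too.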

Gregory Sudderth
November 15, 2011

I would like to see an authoritative answer on this from Atlassian--it's vital to the successful deployment of the product!
