Missed Team ’24? Catch up on announcements here.

Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Jira Align Cloud to Jira Software On-Premise Connectivity Prerequisites


This article will explain the process flow of understanding and completing connectivity between Jira Align and Jira Data Center.

1) Review the Documentation and Connectivity Diagrams

1a) Documentation to Review

1b) Technical Teams Involved

  • System Administrator (Server Admin, Infrastructure)
    • Jira Administrator (Service Account, Jira Align Integration)
    • Network Engineer (Load Balancer, Proxy, API Gateway, Routing)
    • Security Engineer (Firewalls, Intrusion Protection, Compliance)

Customer Actions:

  • Which architecture will be used?
  • What is the timeline for implementation?

  • Which contact(s) will Jira Align work with to establish connectivity?

  • Are there any considerations or concerns Jira Align should be aware of?

2) Jira Service Account

Customer Action:

  • What is the timeline to create the Service Account?

3) Network and Authentication

3a) Network Configurations

3b) Authentication Methods

Customer Actions:

  • Work with Internal Network/Security Teams to configure their systems to allow for Jira Align connectivity.
  • Determine the best Authentication Method according to current policies and available infrastructure.

    • Basic Auth (Jira Service Account)

    • OAuth 1.0a (Jira Service Account)

    • Personal Access Token (Jira Service Account)
    • Basic Auth (using API Token - Apigee)


4) SSL Certificates 

Customer Actions:

  • Determine if Mutual TLS is possible in the available infrastructure.
    • Yes
    • No
  • Determine which Certificate is preferred.

    • Wildcard Jira Align Certificate (*.jiraalign.com)

    • Custom Jira Align Certificate (Ex: customer.jiraalign.com)

    • Customer-owned Certificate (Ex: jiraalign.customer.com )

  • What is the timeline to implement and test Mutual TLS?

5) Configuration, Troubleshooting, and Validation

5a) Pre-Checks

  • Jira Service Account is configured in Jira Software (see #2).
  • Authentication Method is agreed upon (see #3b).
  • Mutual TLS is agreed upon (see #4).
  • Jira Admin and/or Jira Align Admin available to configure the Jira Connector (see #1b).

If Required

  • API Gateway/Proxy rules are configured to allow Jira Align to connect to Jira Software (see #3a).
  • Jira Align’s IP Addresses and Ports are Allow Listed at the Edge Firewall (see #3a).

5b) Configuration

5c) Troubleshooting

5d) Validation

  • Jira Connector is setup with Jira Link and Jira API
  • Authentication Method is configured and validated
  • Mutual TLS is configured and validated
  • Data is synced successfully (Prod and Test)

Customer Actions:

  • Pre-Checks are completed.
  • Determine if a scheduled call to configure is needed and which parties are required.

  • Schedule call (if needed).

  • Complete configuration and validation.

A) SAML/SSO (Optional)

A few things to note:

  • Jira Align supports Identity Provider Initiated SAML 2.0 (not Service Provider Initiated)
  • Just In Time (JIT) and System for Cross-domain Identity Management (SCIM) are not supported




Log in or Sign up to comment
AUG Leaders

Atlassian Community Events