In this article you will find:

  1. Pre-requisites - Permissions

  2. How to define Jira connector in Vulcan

1. Pre-requisites - Permissions

To Integrate into JIRA, the user can choose between 2 optional sets of permissions on the JIRA:

  1. Admin permissions - highest permission covers all the needed functionalities.

  2. Configure a set of permissions based on the following details:

Browse Projects
Ability to browse projects and the issues within them.
Assignable User
Users with this permission may be assigned to issues.
Assign Issues
Ability to assign issues to other people.
Create Issues
Ability to create issues.
Edit Issues
Ability to edit issues.
Resolve Issues
Ability to resolve and reopen issues. This includes the ability to set a fix version.
Add Comments
Ability to comment on issues.
Create Attachments
Users with this permission may create attachments.

Detailed API calls used

Use in Vulcan

Permission required

/rest/api/2/myself

Check Current User permissions

Permission to access Jira

/rest/api/2/project

List Project available to open tickets in

Projects are returned only where the user has Browse Projects or Administer projects

/rest/api/2/user/assignable

List users available as assignees in the different projects

None

/rest/api/2/issue/createmeta

List the different fields available to create an issue

Create issues

/rest/api/2/issue/

Create and update issues

rowse projects and Create issue

/rest/api/2/serverInfo

Get the current server version

None

/rest/api/2/issue/{issueIdOrKey}/comment

add comments on existing tickets

* Browse projects and Add comments project permission for the project that the issue containing the comment is in. * If issue-level security is configured, issue-level security permission to view the issue

Project Labels (Optional) - make sure to allow - Vulcan uses labels in order to mark the related tickets to a specific web-hook, so if you need 2 way updates for your tickets, your projects must support labels.

2. Defining a connector

On the Connectors page. click on Add a Connector

Click on Jira Connector

Click on Create

Vulcan Cyber supports both Jira on cloud and On-Premise. 

Fill in all the relevant fields, based on your Jira account type. 

  • Jira Server URL - URL of your organization's Jira account. Relevant for cloud account.

  • Username - User with required permissions to access Jira account.

  • Password / API Token - Depends on account type, insert Password match to Username, or insert API Token match to Jira Server URL.

  • Two Way Jira Integration - Enabling will create webhook in Jira: If a ticket was closed in JIRA, it will be marked as "Done" in the Vulcan campaign.

  • Mark Issue as Done - Enabling will allow you to change Jira issue status to closed when a vulnerability is marked as fixed in Vulcan. This applies to both closed a campaign manually or by vulcan detecting the vulnerability is no longer discovered by the scanner thus marking its as fixed.

Did this answer your question?