Cmdlets for Jira

Build 24.0.8963

OAuth Scopes and Endpoints

Required Scopes and Endpoint Domains for Jira

When integrating with Jira, your application needs specific permissions to interact with the API.

These permissions are defined by access scopes, which determine what data your application can access and what actions it can perform.

This topic provides information about the required access scopes and endpoint domains for the Jira cmdlet.

Understanding Scopes

Scopes are a way to limit an application's access to a user's data. They define the specific actions that an application can perform on behalf of the user.

For example, a read-only scope might allow an application to view data, while a full access scope might allow it to modify data.

Required Scopes for Jira

Scopes can be controlled using the Scope connection property.

Jira has two types of scopes: Classic and Granular. Jira recommends Classic scopes when available.

Scope Type Description
read:jira-user Classic View user information in Jira that the user has access to, including usernames, email addresses, and avatars. Required for read and write access.
read:jira-work Classic Read Jira project and issue data, search for issues and objects associated with issues like attachments and worklogs. Required for read and write access.
write:jira-work Classic Create and edit issues in Jira, post comments as the user, create worklogs, and delete issues. Required for write access.
manage:jira-project Classic Create and edit project settings and create new project-level objects (for example, versions and components). Required for write access.
manage:jira-configuration Classic Take Jira administration actions (for example, create projects and custom fields, view workflows, and manage issue link types). Required for write access.
read:application-role:jira Granular View application roles. Required for read and write access.
read:audit-log:jira Granular View audit logs. Required for read and write access.
read:dashboard:jira Granular View dashboards. Required for read and write access.
read:filter:jira Granular View filters. Required for read and write access.
read:filter.column:jira Granular View filter columns. Required for read and write access.
read:group:jira Granular View user groups. Required for read and write access.
read:issue:jira Granular View issues. Required for read and write access.
write:issue:jira Granular Create and update issues. Required for write access.
delete:issue:jira Granular Delete issues. Required for write access.
read:issue-meta:jira Granular View issue meta. Required for read and write access.
read:attachment:jira Granular View issue attachments. Required for read and write access.
write:attachment:jira Granular Create and update issue attachments. Required for write access.
delete:attachment:jira Granular Delete issue attachments. Required for write access.
read:comment:jira Granular View issue comments. Required for read and write access.
write:comment:jira Granular Create and update issue comments. Required for write access.
delete:comment:jira Granular Delete issue comments. Required for write access.
read:comment.property:jira Granular View issue comment properties. Required for read and write access.
write:comment.property:jira Granular Create and update issue comment properties. Required for write access.
delete:comment.property:jira Granular Delete issue comment properties. Required for write access.
read:field:jira Granular View fields. Required for read and write access.
write:field:jira Granular Create and update fields. Required for write access.
read:field.option:jira Granular View field options. Required for read and write access.
read:field.options:jira Granular Read field options. Required for read and write access.
read:custom-field-contextual-configuration:jira Granular Read custom field contextual configurations. Required for read and write access.
write:custom-field-contextual-configuration:jira Granular Save custom field contextual configurations. Required for write access.
read:field-configuration:jira Granular Read field configurations. Required for read and write access.
write:field-configuration:jira Granular Save field configurations. Required for write access.
read:issue-link:jira Granular View issue links. Required for read and write access.
read:issue-link-type:jira Granular View issue link types. Required for read and write access.
read:issue.property:jira Granular View issue properties. Required for read and write access.
read:priority:jira Granular View priorities. Required for read and write access.
read:resolution:jira Granular View resolutions. Required for read and write access.
read:issue-details:jira Granular View issue details. Required for read and write access.
read:issue-security-scheme:jira Granular View issue security schemes. Required for read and write access.
read:issue-type:jira Granular View issue types. Required for read and write access.
read:issue-type-scheme:jira Granular View issue type schemes. Required for read and write access.
read:issue-type.property:jira Granular View issue type properties. Required for read and write access.
read:issue.watcher:jira Granular View issue watchers. Required for read and write access.
read:issue-worklog:jira Granular View issue worklogs. Required for read and write access.
read:issue-field-values:jira Granular View issue field values. Required for read and write access.
read:issue-security-level:jira Granular View issue security levels. Required for read and write access.
read:issue-status:jira Granular View issue statuses. Required for read and write access.
read:issue.changelog:jira Granular View issue changelogs. Required for read and write access.
read:issue.transition:jira Granular View issue transitions. Required for read and write access.
delete:issue-type:jira Granular Delete issue types. Required for write access.
write:issue-type:jira Granular Create and update issue types. Required for write access.
read:user:jira Granular View users. Required for read and write access.
read:user.columns:jira Granular View user columns. Required for read and write access.
read:project:jira Granular View projects. Required for read and write access.
write:project:jira Granular Create and update projects. Required for write access.
delete:project:jira Granular Delete projects and their details, such as issue types, project lead, and avatars. Required for write access.
read:project-category:jira Granular View project categories. Required for read and write access.
read:project.component:jira Granular View project components. Required for read and write access.
write:project.component:jira Granular Create and update project components. Required for write access.
delete:project.component:jira Granular Delete project components. Required for write access.
read:project.property:jira Granular View project properties. Required for read and write access.
write:project.property:jira Granular Create and update project properties. Required for write access.
delete:project.property:jira Granular Delete project properties. Required for write access.
read:project-role:jira Granular View project roles. Required for read and write access.
write:project-role:jira Granular Create and update project roles. Required for write access.
delete:project-role:jira Granular Delete project roles. Required for write access.
read:project-version:jira Granular View project versions. Required for read and write access.
write:project-version:jira Granular Create and update project versions. Required for write access.
delete:project-version:jira Granular Delete project versions. Required for write access.
read:issue.time-tracking:jira Granular View issue time tracking. Required for read and write access.
write:issue.time-tracking:jira Granular Create and update issue time tracking. Required for write access.
read:user.property:jira Granular View user properties. Required for read and write access.
write:user.property:jira Granular Create and update user properties. Required for write access.
delete:user.property:jira Granular Delete user properties. Required for write access.
read:workflow:jira Granular View workflows. Required for read and write access.
read:workflow-scheme:jira Granular View workflow schemes. Required for read and write access.
read:status:jira Granular View statuses. Required for read and write access.
read:workflow.property:jira Granular View workflow properties. Required for read and write access.
read:project-type:jira Granular View project types. Required for read and write access.
read:project.email:jira Granular View project emails. Required for read and write access.
write:project.email:jira Granular Create and update project emails. Required for write access.
read:role:jira Granular View roles. Required for read and write access.
read:user-configuration:jira Granular View user configurations. Required for read and write access.
write:user-configuration:jira Granular Create and update user configurations. Required for write access.
delete:user-configuration:jira Granular Delete user configurations. Required for write access.
read:jql:jira Granular View JQL. Required for read and write access.
validate:jql:jira Granular Validate JQL. Required for read and write access.

Understanding Endpoint Domains

Endpoint domains are the specific URLs that the application needs to communicate with in order to authenticate, retrieve records, and perform other essential operations.

Allowlisting these domains ensures that the network traffic between your application and the API is not blocked by firewalls or security settings.

Note: Most users do not need to make any special configurations. Allowlisting is typically only necessary for environments with strict security measures, such as restricted outbound network traffic.

Required Endpoint Domains for Jira

Domain Always Required Description
<URL> TRUE The URL of your Jira instance.
api.atlassian.com FALSE The base URL of the Jira API. Required when AuthScheme is set to OAuth.
<SSOLoginURL> FALSE The URL of your SSO provider. Required when AuthScheme is set to OKTA or CROWD.
<SSOExchangeURL> FALSE Your SSO Exchange URL. Required when AuthScheme is set to OKTA or CROWD.

Copyright (c) 2024 CData Software, Inc. - All rights reserved.
Build 24.0.8963