Skip to content
Copy
View as Markdown Suggest changes
Add Docs MCP
Setup guide

Atlassian Jira

Jira is a widely used project management and issue tracking software developed by Atlassian. You can set up Wallarm to create issues in Jira when vulnerabilities are detected, all or only for the selected risk level(s) - high, medium or low.

Supported versions

This integration is supported both for JIRA Cloud and on-premise solutions.

Setting up integration

In Jira UI:

  1. Generate API token:

    • For Jira Cloud, as described here. The provided token is used with Basic authentication.
    • For Jira on-premise, in your Jira instance, navigate to your profile settings, and create a personal access token (PAT). The provided token is used with Bearer authentication.
  2. Copy the generated API token.

In Wallarm UI:

  1. Open Wallarm Console → IntegrationsJira.

  2. Enter an integration name.

  3. Enter the Jira host (e.g., https://company-x.atlassian.net/).

  4. Enter the Jira user email, which Jira requires for authentication and will also be used to identify the Reporter for created issues.

  5. Select token type: Basic for Jira Cloud and Bearer for Jira on-premise.

  6. Paste the generated API token.

    If necessary, you can disable Jira server SSL verification.

    The email and token will be checked to authenticate Wallarm at the specified Jira host. On success, spaces available to this Jira user will be listed.

  7. Select the Jira space to create issues in. When selected, the issue types supported in this space will be listed.

  8. Select the Jira issue type the created issues will belong to.

  9. Select event types to trigger notifications. All security issues (vulnerabilities) or only of the specific risk level(s) may be selected.

    Jira integration

  10. Click Test integration to check configuration correctness, availability of the target system, and the notification format.

    Test Jira issue creation:

    Test Jira issue creation

  11. Click Add integration.

Wallarm Cloud IP addresses

To provide Wallarm Cloud access to your system, you may need a list of its public IP addresses:

34.102.90.100
34.94.156.115
35.235.115.105
34.94.85.217
34.94.51.234
34.102.59.122
34.94.238.72
35.235.100.79
34.102.45.38
34.94.241.21
34.94.203.193
34.94.238.221
34.94.9.235
34.94.118.150
34.94.193.9
34.141.230.156
34.91.138.113
34.90.114.134
35.204.127.78
34.90.24.155
34.7.147.149

Disabling and deleting an integration

You can delete or temporarily disable the integration. While deleting stops sending notifications and completely deletes all configuration, disabling just stops sending notifications, which you can re-enable at any moment with the same settings.

If the System related events are selected to trigger notifications for the integration, Wallarm will notify you about both of these actions.

System unavailability and incorrect integration parameters

Notifications to the system are sent via requests. If the system is unavailable or integration parameters are configured incorrectly, the error code is returned in the response to the request.

If the system responds to the Wallarm request with any code other than 2xx, Wallarm resends the request at intervals until the 2xx code is received:

  • The first cycle intervals: 1, 3, 5, 10, 10 seconds

  • The second cycle intervals: 0, 1, 3, 5, 30 seconds

  • The third cycle intervals: 1, 1, 3, 5, 10, 30 minutes

If the percentage of unsuccessful requests reaches 60% in 12 hours, the integration is automatically disabled. If you receive system notifications, you will get a message about the automatically disabled integration.