Business Challenge
The customer needed to replace their existing API gateway and faced challenges in securely authenticating multiple service clients.
Without a more secure solution, there were potential risks of unauthorized access to the Jira REST APIs, leading to security concerns and inefficiencies in managing client access.
Additionally, compliance requirements emphasized the need for a robust authentication mechanism.
Solution Overview
To address these challenges, we implemented a solution that enabled secure authentication for third-party clients accessing Jira REST APIs using Azure client credentials tokens.
Key features of the solution included:
- Support for Azure Client Credentials Tokens with JWT Certificate-Based Authentication
- Access Control List (ACL) for precise permissions management
The solution was deployed in the cloud to ensure scalability, flexibility, and security.
How It Works
Azure Configuration: Multiple service principals were created in Azure, one for each client that interacts with the Jira REST APIs. Each client was configured to obtain a token from Azure using the client credentials grant and to present that token when calling the Jira APIs.
Plugin Configuration: The plugin was configured to validate the client credentials tokens through certificate-based JWT authentication, so that only requests carrying a token that passes validation reach the Jira REST APIs.
Additional Security: An Access Control List (ACL) was integrated into the plugin, providing an additional layer of security by allowing only specified Azure clients to access the Jira APIs.
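The token check that the plugin and ACL steps above describe, written in Go as an added example (this is not the plugin's or the customer's code): the token's signature is verified against a trusted signing key selected by its kid, the issuer, audience and expiry are checked, and the caller's client ID (the azp claim of an Entra ID v2.0 token) is matched against the ACL. The key set, issuer, audience and client IDs are assumed placeholders, and the signRS256 helper stands in for Azure only so the example runs offline.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"strings"
)

// Claims: subset of an Entra ID (Azure AD) v2.0 token the gateway checks; json matching is case-insensitive, so "azp" (the caller's client ID) fills Azp.
type Claims struct{ Iss, Aud, Azp string; Exp int64 }
var b64 = base64.RawURLEncoding

// signRS256 mints a compact JWS so the example runs offline; in production Azure signs the token (assumed demo helper).
func signRS256(key *rsa.PrivateKey, kid string, c Claims) string {
	hdr, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT", "kid": kid})
	body, _ := json.Marshal(c)
	input := b64.EncodeToString(hdr) + "." + b64.EncodeToString(body)
	d := sha256.Sum256([]byte(input))
	sig, _ := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, d[:])
	return input + "." + b64.EncodeToString(sig)
}

// Validate verifies the signature against trusted signing keys (in production fetched from the tenant's JWKS
// endpoint and cached), then issuer, audience and expiry (now is Unix seconds), and finally the client ACL.
func Validate(tok string, keys map[string]*rsa.PublicKey, iss, aud string, acl map[string]bool, now int64) (*Claims, error) {
	dec := func(s string) []byte { b, _ := b64.DecodeString(s); return b } // bad base64 -> nil -> rejected below
	p := strings.Split(tok, ".")
	hdr, c := struct{ Alg, Kid string }{}, Claims{}
	if len(p) != 3 || json.Unmarshal(dec(p[0]), &hdr) != nil || json.Unmarshal(dec(p[1]), &c) != nil {
		return nil, errors.New("malformed token")
	}
	pub, d := keys[hdr.Kid], sha256.Sum256([]byte(p[0]+"."+p[1]))
	switch {
	case hdr.Alg != "RS256" || pub == nil: // alg is allow-listed, never taken from the token on trust
		return nil, errors.New("unsupported alg or unknown signing key")
	case rsa.VerifyPKCS1v15(pub, crypto.SHA256, d[:], dec(p[2])) != nil:
		return nil, errors.New("invalid signature")
	case c.Iss != iss || c.Aud != aud || now >= c.Exp:
		return nil, errors.New("issuer, audience or expiry check failed")
	case !acl[c.Azp]: // signature is valid, but this Azure client is not on the ACL for the Jira REST APIs
		return nil, errors.New("client not on ACL")
	}
	return &c, nil
}
```

A deployment would load the keys from the tenant's JWKS endpoint and refresh them on an unknown kid to survive key rotation; the ACL decision is worth logging separately, since a validly signed token from an unlisted client is a useful detection signal.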
Key Benefits
Secure authentication with Azure tokens, JWT, and ACL.
Enhanced Security with Azure-Based Authentication
JWT certificate-based authentication bolstered security, enabling the customer to meet stringent compliance standards.
Flexible Access Control
The ACL functionality provided granular control over API access, ensuring that only authorized systems could retrieve sensitive data and minimizing security risk.
Improved Token Security with OAuth 2.0
OAuth 2.0 access tokens expire automatically, so access is limited to a defined period and a client must re-authenticate to obtain a new token, which limits the exposure from a leaked token and prevents indefinite unauthorized access.
