Skip to main content

Jira Cloud Integration Setup

This guide walks you through integrating Jira Cloud with RAD Security for automated security incident and ticket management, enabling you to automatically create, update, and track security incidents as Jira issues. Jira Cloud provides flexible issue tracking and project management capabilities, making it ideal for managing security incidents, vulnerabilities, and remediation workflows.

Prerequisites

Before you begin, ensure you have:
  • Admin access to Jira Cloud
  • Ability to create users and groups in Jira
  • Access to RAD Security workspace with integration permissions
Service User Recommended: Create a dedicated service user for this integration rather than using a personal account. This ensures the integration continues working when team members leave or change roles.

Step 1: Log in to Jira as Admin

1

Access Jira Admin

Log in to your Jira Cloud instance with administrator privileges
2

Navigate to User Management

Click the gear icon (⚙️) in the top right corner and select User Management

Step 2: Create Group for Integration

1

Navigate to Groups

Click on Groups in the left panel
2

Create New Group

  1. Click Create group
  2. Enter a group name (e.g., “RAD Security Integration”)
  3. Add a description (optional)
3

Assign Product Access

In the Group product access section at the bottom:
  1. Select the product: User
  2. This grants: “Can access the product, with no product admin permissions”
  3. Click Save
This provides a simple, secure setup. Advanced users can configure project-based permissions for more granular control. Refer to Jira’s documentation for details.
4

Configure Project Permissions (If Needed)

Depending on your Jira configuration, you may need to grant read and write access to specific projects:
  1. Navigate to Project settings
  2. Select the projects the integration should access
  3. Grant appropriate permissions to the group
This step is only necessary for certain product configurations. Consult Jira documentation for project-specific permission requirements.

Step 3: Create Service User

1

Navigate to Users

Click on Users in the left panel
2

Create New User

  1. Click Create user
  2. Enter user details:
    • Email address - Use a service email (e.g., rad-security@company.com)
    • Full name (e.g., “RAD Security Integration”)
    • Password - Create a secure password
3

Assign User to Group

In the lower part of the user creation panel:
  1. Find the Groups section
  2. Add the user to the group you created in Step 2
  3. Click Save
Service User Strongly Recommended: While you can use an existing user account, creating a dedicated service user is strongly recommended. If a personal account is used and that person leaves your organization, the integration will break.

Step 4: Generate API Token

1

Log Out and Log In as Service User

  1. Log out of your admin account
  2. Log in using the service user credentials you created in Step 3
2

Access Personal Settings

Click the gear icon (⚙️) in the top right corner and select Personal Settings (Atlassian account settings)
3

Navigate to Security

In the top menu, click on Security
4

Manage API Tokens

Click Create and manage API tokens
5

Create New Token

In the API tokens panel:
  1. Click Create API token
  2. Enter a label (e.g., “RAD Security Integration”)
  3. Click Create
6

Copy Token

Immediately copy the API token that appears
This is your only chance to view the token! If you lose it, you’ll need to revoke and create a new token. Store it securely in a password manager or secrets vault.
Token Rotation Best Practice: Rotate API tokens every 90 days as a security best practice. See Atlassian’s token management documentation for more details.

Step 5: Configure in RAD Security

Navigate to your RAD Security workspace and configure the Jira Cloud integration with the following parameters:

Required Parameters

ParameterDescriptionExample
URLRoot URL of your Jira Cloud instancehttps://your-company.atlassian.net/
UsernameEmail address of the service user from Step 3rad-security@company.com
SecretAPI Token from Step 4your-api-token-here
The URL should be your Jira Cloud root URL in the format https://<tenant>.atlassian.net/ where <tenant> is your organization’s Jira subdomain.

Verify Integration

After completing the setup, verify your integration is working:
  1. Navigate to Data Sources > Integrations > Ticketing in RAD Security
  2. Locate your Jira Cloud integration
  3. Check the connection status shows as Connected
  4. Test by creating a sample issue from RAD Security
Your Jira Cloud integration is now configured! RAD Security can now automatically create and manage security issues in Jira.

What Data is Synced

Once configured, RAD Security will sync the following with Jira Cloud:
  • Automatically create Jira issues for security incidents
  • Include detailed incident context and metadata
  • Attach relevant threat intelligence
  • Add affected assets and resources
  • Include remediation recommendations
  • Update issue status in both systems
  • Sync comments and activity
  • Track resolution progress
  • Update priority and severity
  • Maintain audit trail
  • Map RAD Security fields to Jira fields
  • Configure custom field values
  • Set default issue types
  • Define priority mappings
  • Configure assignment rules

Use Cases

Automated Ticket Creation

Automatically create Jira tickets when security incidents, vulnerabilities, or policy violations are detected.

Workflow Integration

Integrate security findings into existing development and operations workflows in Jira.

Remediation Tracking

Track security remediation efforts through Jira’s project management features.

Centralized Management

Manage security incidents alongside other operational issues in a centralized platform.

Troubleshooting

Possible causes:
  • Username (email) is incorrect
  • API token is incorrect or expired
  • User account was disabled or deleted
  • Token was revoked
Solution:
  • Verify the username matches the service user’s email exactly
  • Check that the API token is copied correctly (no extra spaces)
  • Confirm the service user account is still active in Jira
  • Try logging in to Jira with the service user credentials
  • Generate a new API token if needed
Possible causes:
  • User not assigned to correct group
  • Group lacks product access
  • Missing project-level permissions
  • User removed from group
Solution:
  • Verify the service user is a member of the integration group
  • Check the group has “User” product access
  • Review project-specific permissions if configured
  • Ensure the user hasn’t been removed from the group
  • Check that group permissions haven’t changed
Possible causes:
  • Missing project permissions
  • Issue type not available
  • Required fields not mapped
  • Project doesn’t exist
Solution:
  • Verify the user has “Create Issues” permission in target projects
  • Check that the issue type exists in the project
  • Ensure all required fields are properly mapped
  • Confirm the target project is active and accessible
  • Review project workflow restrictions
Possible causes:
  • Using Jira Server URL instead of Cloud URL
  • Missing trailing slash
  • Incorrect subdomain
  • Including additional path components
Solution:
  • Ensure you’re using the Cloud URL format: https://<tenant>.atlassian.net/
  • Include the trailing slash: https://your-company.atlassian.net/
  • Verify the subdomain matches your organization
  • Don’t include paths like /jira/ or /secure/
Possible causes:
  • Token was manually revoked
  • Account password was changed (doesn’t affect API tokens)
  • Token reached configured expiration
Solution:
  • Log in as the service user
  • Navigate to Security > API tokens
  • Check if the token still exists and is active
  • Create a new token if the old one was revoked
  • Update the token in RAD Security integration settings
Possible causes:
  • Service user was deleted
  • Account was suspended or deactivated
  • Email address was changed
  • User lost group membership
Solution:
  • Log in as admin and verify the service user exists
  • Check the account status is Active
  • Verify the email address hasn’t changed
  • Confirm group membership is intact
  • Reactivate the account if it was suspended

Security Best Practices

Use Service Accounts

Always use a dedicated service account with a service email, never a personal account tied to an individual.

Least Privilege Access

Only grant the minimum permissions required. Avoid admin privileges for integration accounts.

Rotate Tokens Regularly

Rotate API tokens every 90 days or according to your security policy.

Secure Token Storage

Store API tokens in a secure password manager or secrets vault. Never commit to version control.

Monitor Integration Activity

Regularly review issues created by the integration to ensure proper operation.

Audit Permissions

Periodically review the service user’s group membership and permissions.

Track Token Usage

Document which tokens are used for which integrations to simplify rotation and troubleshooting.

Service Email Management

Ensure the service email is monitored or forwarded to the appropriate team.

Token Rotation

To rotate your Jira API token:
1

Create New Token

  1. Log in as the service user
  2. Go to Personal Settings > Security > API tokens
  3. Create a new API token with a different label
2

Update Integration

Update the token in RAD Security integration settings
3

Verify Connection

Test that the integration still works with the new token
4

Revoke Old Token

Once verified, revoke the old token in Jira

Additional Resources

Jira User Management

Official Atlassian guide to user management in Jira

API Token Management

Learn how to create and manage API tokens

Next Steps

Ticketing Overview

Learn about ticketing integrations

Workflows

Configure custom workflows for incident response

Alerts & Incidents

Set up alert rules that trigger Jira ticket creation

Automation Tools

Explore automation platform integrations