Skip to content

API Endpoints in Use

This page lists the Atlassian REST API endpoints SailPoint Entro uses to perform secret scanning and metadata analysis across Jira and Confluence. All API calls are read-only, designed to ensure transparency and compliance with customer security policies.

Overview

SailPoint Entro interacts with Atlassian products using their official REST APIs. All requests are authenticated via:

  • Personal Access Tokens (PATs) for Server / Data Center

  • API Tokens for Atlassian Cloud

SailPoint Entro never modifies or deletes any data and does not perform any administrative or write operations.


Jira Server / Jira Cloud

Purpose Endpoint Method Description
List Projects /rest/api/2/project GET Retrieves accessible Jira projects for the integration user.
Fetch Issues /rest/api/2/search POST Returns issue data (title, description, comments, attachments).
Issue Comments /rest/api/2/issue/{issueId}/comment GET Retrieves all comments on a specific issue.
Attachments /rest/api/2/attachment/{id} GET Fetches attachment metadata and download URL for text-based files.
Users /rest/api/2/user GET Identifies integration user and permissions context.

Note

SailPoint Entro scans issue descriptions, comments, and text attachments only (≤10MB).


Confluence Server / Confluence Cloud

Purpose Endpoint Method Description
List Spaces /wiki/rest/api/space GET Lists available spaces visible to the integration user.
Retrieve Pages /wiki/rest/api/content GET Retrieves page metadata, content body, and attachments.
Page Comments /wiki/rest/api/content/{id}/child/comment GET Fetches page comments for secret scanning.
Attachments /wiki/rest/api/content/{id}/child/attachment GET Retrieves attachment metadata for supported file types.

Note

SailPoint Entro scans page content, comments, and text-based attachments. Historical page versions and binary files are excluded.


Note

SailPoint Entro does not modify repositories or push commits. All operations are read-only via HTTPS.


Rate Limits & Performance

SailPoint Entro respects Atlassian’s API rate limits:

  • Jira Cloud: 1,000 requests per 10 seconds per user

  • Confluence Cloud: Standard REST API quotas apply

For on-prem installations, SailPoint Entro’s Worker automatically optimizes batch size and concurrency to reduce API load.


Security & Compliance

  • All API calls are read-only and made over HTTPS/TLS.

  • Tokens are scoped to minimal privileges (read only).

  • SailPoint Entro never stores raw Atlassian content - only metadata and detected findings.

  • The integration fully aligns with SOC 2 Type II, ISO 27001, and GDPR compliance frameworks.

Note

All tokens and communications use secure practices and minimal privileges to ensure customer data protection.