Skip to content

Supported Data Sources

Jira Integration

SailPoint Entro scans Jira metadata and content to identify secrets that may have been shared or exposed.

Category Description
Issues Titles, descriptions, and comments in all accessible projects
Attachments Text-based attachments such as .txt, .log, .json, .yaml, .ini, .config, .env, .csv (≤ 10 MB)
Custom Fields Text-based custom fields defined by administrators
Projects All active and non-archived projects accessible to the integration user

Note

Detection includes API keys, database credentials, tokens, SSH keys, and cloud provider secrets.

Out of scope

To protect performance and data privacy, the following are excluded from scanning:

  • Issue history and changelog events

  • Archived or deleted projects

  • Encrypted or binary attachments (e.g., .zip, .pdf, .jpg)

  • Audit logs or system configuration data

  • Third‑party marketplace app data

Note

These exclusions ensure minimal system overhead and compliance with Atlassian’s API policies.


Confluence Integration

SailPoint Entro scans for secrets across the following Confluence components:

  • Pages

    • Full page body (plain text and wiki storage formats)

    • Titles and metadata

  • Comments

    • Page-level and inline comments
  • Attachments

    • Supported text-based file formats:

      • .txt, .log, .json, .yaml, .yml, .xml, .ini, .csv, .config, .properties
    • Maximum file size: 10 MB

  • Metadata

    • Page ID, space key, creator, and modification timestamps

Note

Detection Engine: SailPoint Entro uses contextual scanning and entropy-based algorithms to detect API keys, credentials, tokens, and misconfigured secrets.

Out of scope

For performance and privacy reasons, the following are excluded from scanning:

  • Deleted or archived spaces and pages

  • Historical page versions (only latest version is scanned)

  • Encrypted or binary attachments (e.g., .zip, .jpg, .pdf)

  • Audit logs, templates, or macros

  • Marketplace app data and third-party plugin storage

Note

These exclusions are intentional to maintain data integrity and minimize API load.