Skip to content

Jira Basic Auth

Service Name: Jira (Atlassian)

Service Description: Jira is a project management and issue tracking software developed by Atlassian. It's used for bug tracking, issue tracking, and project management functions, allowing teams to plan, track, and manage software development projects.

Service Address: https://www.atlassian.com/software/jira

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the Jira instance level through Atlassian Access or through proxy servers.

Secret Access Scope: Grants API access to Jira resources including projects, issues, workflows, and user management functions based on the user's permissions.

Secret Revokement URL: https://id.atlassian.com/manage-profile/security

Secret Example: Basic amlyYV91c2VyQGV4YW1wbGUuY29tOlBAc3N3MHJkMTIzIQ== (This is a Base64 encoded string of "jira_user@example.com:P@ssw0rd123!")

Suspicious Activity Investigation Instructions:

  • Review Jira audit logs for unusual access patterns or actions
  • Check for unauthorized project access or issue modifications
  • Monitor for unusual API calls, especially those modifying permissions or creating new users
  • Look for access from unusual IP addresses or locations
  • Review any automated integrations that might be using the credentials

Mitigation Instructions:

  • Change the password for the affected user account immediately
  • Enable two-factor authentication for the account if not already enabled
  • Review and potentially revoke any API tokens associated with the account
  • Check for and remove any unauthorized project access or permissions
  • Consider implementing IP restrictions for accessing your Jira instance
  • Review audit logs to understand the scope of potential unauthorized access
  • Update any integrations or scripts that were using the compromised credentials
  • Consider implementing Atlassian Access for enhanced security controls