Skip to main content

Jira Integration Guide

Set up and manage your Jira or Jira Data Center in Drata to automate security ticket monitoring and enable write access.

Updated today

The Jira integration enables security and engineering teams to automate monitoring and evidence collection for vulnerability management controls. It connects Drata to Jira Cloud or Jira Data Center so your team can track, create, and link security-related tickets directly within Drata.

Key Capabilities

  • Security Ticket Monitoring: Continuously monitor and sync Jira issues relevant to vulnerability and security management.

  • Automated Evidence Collection: Pulls ticket data for compliance tests, including issue prioritization and remediation tracking.

  • Optional Write Access: Allows Drata to create or update Jira tickets directly from within Drata.

Prerequisites & Data Access

Note: Additional setup steps are required for Jira Data Center connections. These are highlighted during integration and detailed below.

Permissions & Data Table

Permission/Scope

Why It’s Needed

Data Accessed

view:jira-user

Allows Drata to read Jira user details for ticket ownership and assignment.

User data (Read)

view:jira-work

Enables Drata to read issues, projects, and workflows for evidence collection.

Issue and project data (Read)

Step-by-Step Setup

Step 1: Open the Jira Connection in Drata

  1. In Drata, navigate to Connections → Available Connections.

  2. Search for Jira and select Connect.

  3. Choose Jira Cloud or Jira Data Center depending on your environment.

Expected outcome: The connection form appears for Jira setup.

Step 2: Configure the Jira Integration Form

  1. Account Alias: Enter a name to identify this Jira integration (useful if connecting multiple Jira accounts).

  2. Source: Select how Drata identifies relevant tickets. You can choose Label or JQL.

    • Label: Enter the Jira label used to tag security-related tickets.

    • JQL (Jira Query Language): Enter a JQL query that returns the expected security tickets.

      • Drata does not validate JQL queries.

      • Test your query in Jira before using it.

  3. (Optional) Write Access: Enable this to allow Drata to create Jira tickets directly in your selected project.

Expected outcome: Jira integration fields are configured and ready for authentication.

Step 3: Authenticate Jira Cloud

Applies to Jira Cloud users only.

  1. After selecting Jira, Drata redirects you to Jira’s authentication screen.

  2. Grant the following permissions:

    • view:jira-user

    • view:jira-work

  3. Confirm permissions in Jira.

  4. You’ll be redirected back to Drata automatically after approval.

Expected outcome: Drata is authorized to read Jira data and, if enabled, write tickets.

Step 4: Authenticate Jira Data Center

Applies only to Jira Data Center users.

  1. Choose your preferred authentication method:

    • Personal Access Token (recommended)

    • Username and Password

  2. Whitelist Drata’s IP addresses to allow secure communication:

    • 44.194.126.11

    • 44.194.4.0

    • 3.232.227.174

    • 3.214.125.237

  3. Go to admin.atlassian.com
    Organization → Security → IP Allowlist → Create allowlist and add the IPs above.

  4. Provide your Jira domain (for example, for https://jira.acme.com/jira, enter jira.acme.com/jira).

  5. Generate a Personal Access Token:

    • Go to your Jira profile → Personal Access Tokens → Create Token.

    • Name the token and copy it into Drata.

Expected outcome: Drata authenticates to your Jira Data Center using a secure, token-based connection.

Step 5: Complete and Verify Connection

  1. In Drata, confirm the integration details.

  2. Save your settings and test the connection.

  3. Once verified, your Jira integration will appear under Active Connections.

Expected outcome: Jira data begins syncing automatically, enabling ticket monitoring and evidence collection.

Important Notes

  • Multiple Accounts: You can connect more than one Jira account by assigning unique aliases.

  • Jira Data Center Support: Requires token-based authentication and IP allowlisting.

  • Priority Field: Drata verifies the Priority field only. Missing or customized Priority fields in Jira may affect tests such as Test 26.

  • Read/Write Behavior:

    • Read scopes enable Drata to monitor and collect evidence.

    • Write access (optional) allows Drata to create or link tickets directly.

Related Articles
KarmaCheck Integration Guide
The Jira connection: Security Ticket (Label, JQL)
Create or Link Jira Tickets in Drata
15Five Integration Guide
Aircall Integration Guide
Did this answer your question?