Jira Integration Guide

  • Updated

    With Resolutions plan, you will be able to configure two-way Jira integration in Resolutions Intelligence Cloud to sync all ActOns to Jira.

    Jira integration with Resolution Intelligence helps you to provide ticket and project tracking for software teams within the organization. This integration works bidirectionally as follows: 1. Whenever any situation comes to the Resolution Intelligence, a Jira ticket will be created in Jira. 2. If an issue is generated to the Jira ticket, you can create a situation in the Resolution Intelligence.

    This integration allows you to

    - create a project-wise situation or an issue to enable continuous monitoring integration. 

    - create, update, and delete issues whenever required.

    Prerequisites

    In Resolution Intelligence

    • You must have an active account. 
    • You must be a client admin to configure the application. 

    In Jira

    Before integrating Jira, your Jira admin must create a Netenrich ticket Id which is described as follows.

    • Login to the Jira account and click Settings on the top right corner of your screen. 
    • Type Custom field and then, create New Custom field. Your Netenrich ticket Id will be generated.
      Note: You will need an account and admin privileges

    Enabling Jira Integration

    In Resolution Intelligence

    1. From the Resolution Intelligence user interface, navigate to Configurations --> Integrations --> Jira tile.

    2. Click Add. A dropdown appears and select any of the following options to enable the integration.

    • Add New integration: creates a new instance
    • Inherit from Parent: Gets the integration settings from parent

    3. Under the Inbound section, In Authentication type, select JSON Web Token (JWT) and in Token Source, select URL.

    mceclip1.png

    4. You will need to configure the Outbound section of Jira to send notification details to trigger integration events based on actions taken in the Resolution Intelligence back to Jira.

    5. Now navigate to Integration Basic Configuration under the Outbound section and fill in the following details.

    mceclip1.png

    6. Map Attributes are used to map Resolution Intelligence entities with the third party like Jira properties respectively.

    7. Update the status of a ticket when it is acknowledged, or add a comment, or add an assignee to the Jira ticket in the Resolution Intelligence Cloud.

    8. In Outbound Integration events, click Add and enable the following events.

    • Change_Management
    • Incident_Management
    • Problem_Management
    • Service_Request
    • Case Management

    To enable the above events, you will need to setup field mappings, status mappings and priority mappings in each event in order to generate tickets in Jira.

    For example, the following image shows the fields that you need to setup in order to generate incident tickets in Jira.

    Tenant Mapping

    You can map single or multiple tenants between Resolution Intelligence Cloud and your Jira project through an interactive UI. 

    To map a tenant to your Jira integration,

    1. After you have configured the integration, click Tenant Mapping --> Add Mapping
      A dialog box appears
    2. In Tenant Name, select a tenant from the dropdown
    3. In Project field, enter name of your Jira project that you would like to map
    4. Click Add Row
    5. Repeat the steps from 1 to 4 to add multiple tenants in the next rows

    mceclip2.png

    Also, you can bulk import multiple tenants using a CSV template that is downloaded from tenant mapping screen.

    To download and import a CSV file,

    1. After you have configured the integration, click Tenant Mapping
    2. Navigate to Bulk Add --> Download CSV template
      A template is downloaded into your local drive
    3. First, you will need to fill the csv file with a valid tenant name, mapping status and project key
    4. Click Bulk Add --> Import CSV file
      A dialog box appears 
    5. Click Import CSV and select your tenant mapping file from local drive
    6. Click Open
      A message appears on your screen
    7. Click Yes to continue
      A Mapping CSV file will be added to tenant list

    mceclip3.png

    In Jira Software

    1. Login to your Jira account.

    2. Click the Settings icon in the upper right corner of the screen and select System from the drop-down.

    Picture13.png

      3. On the left-hand sitemap under System, select Webhooks.

    Picture15.png

    4. Click + Create a Webhook.

    • Give the Webhook a name, set the status to Enabled, and paste the copied URL from the Resolution Intelligence web interface in the URL field.
    Picture16.png

    5. Next, select the events that you would like to send to the Resolution Intelligence for generating issues, comments. In the below example, we opted to send a webhook whenever an issue is created, updated, and deleted.

    Picture17.png

    6. Now when an issue is created, a critical situation will be generated in the Resolution Intelligence and any updates will be sent to the situation timeline as a signal to that situation including comments. When a situation is resolved or deleted in Jira, the situation will be resolved in the Resolution Intelligence.

    Enabling Jira Integration using OAuth2.0 (3LO)

    Jira integration with our platform can be done using both Basic and OAuth2.0(3LO) authentication. Let's concentrate on OAuth2.0 integration.

    Mandatory requirements for enabling OAuth2.0 are 

    • An Atlassian Site (Resource)
    • A User (Resource Owner)
    • An External Application/service (Client)
    • Third party app requires permissions to access the Atlassian data to use the Product's API

    For Example, An Atlassian site is Jira(Resource), An atlassian user, and a client(third party app)

    Configuring OAuth2.0 (3LO)

    Before configuring OAuth2.0 for your third-party app, you must login to the Atlassian site (https://developer.atlassian.com/) using valid credentials.

    1. Navigate to Developer Console in the top right corner of the screen.
    2. Click Create and select OAuth2.0 Integration from the dropdown (If no app is available in the console).
    3. Give a Name for your app, select the developer terms and then, click Create.
    4. Under My Apps, select Authorization in the left nav bar.
    5. In the Authorization screen, click Configure next to OAuth2.0.
    6. Select Use rotating refresh tokens under Refresh token.
    7. Enter the Callback URL. Set this to any URL that is accessible by the app. When you implement OAuth 2.0 (3LO) in your app, the redirect_uri must match this URL.
    8. Click Save changes.

    Note that if no APIs are added previously, then you need to add now.

    To add APIs,

    • Select Permissions in the left-side nav bar.
    • In the Permissions page, click Add next to the API that you want to add. For Example, Jira Platform REST API.

    To add required Scopes,

    • Click Configure next to API name.
    • Click Add next to Scopes.
    https://auth.atlassian.com/authorize?
audience-api.atlassian.com& client_id=YOUR_CLIENT_ID& scope=REQUESTED SCOPE_ONE REQUESTED SCOPE_TWO& redirect_uri=https://YOUR_APP_CALLBACK_URL& response_type=code&
state=YOUR USER BOUND_VALUE&
prompt=consent
     

    Get an authorization code from an authorization URL

    You can get the authorization URL from the app that you configured in the developer console by selecting Authorization from the left navigational bar.

    https://auth.atlassian.com/authorize?
      audience=api.atlassian.com&
      client_id=YOUR_CLIENT_ID&
      scope=REQUESTED_SCOPE_ONE%20REQUESTED_SCOPE_TWO&
      redirect_uri=https://YOUR_APP_CALLBACK_URL&
      state=YOUR_USER_BOUND_VALUE&
      response_type=code&
      prompt=consent

    The query parameters for the authorization URL are described below:

    audience: (required) Set this toapi.atlassian.com.

    client_id: (required) Set this to the Client ID for your app. Find this in Settings for your app in the developer console.

    scope: (required) Set this to the desired scopes:

    • Separate multiple scopes with a space.
    • Only choose from the scopes that you have already added to the APIs for your app in the developer console.

    redirect_uri: (required) Set this to the callback URL configured in Authorization for your app in the developer console.

    state: (required for security) Set this to a value that is associated with the user you are directing to the authorization URL, for example, a hash of the user's session ID. Make sure that this is a value that cannot be guessed. 

    response_type: (required) Set to code as you are requesting an authorization code (not a token).

    prompt: (required)Set to consent so that the screen prompting the user to grant access will display.

     Result:

    https://auth.atlassian.com/authorize?
    audience=api.atlassian.com&
    client_id=ZVnpvqaRpgJhIlrjGB23D2YlfRHupsbf&
    scope=read%3Ajira-user%20read%3Ajira-work%20manage%3Ajira-configuration%20manage%3Ajira-project%20write%3Ajira-work%20manage%3Ajira-webhook%20manage%3Ajira-data-provider&
    redirect_uri=https%3A%2F%2Flocalhost%2Fcallback&state=${YOUR_USER_BOUND_VALUE}&
    response_type=code&prompt=consent

    If successful, you will be redirected to the app's callback URL, with an authorization code provided as a query parameter called code. This code can be exchanged for an access token.

    Authorization code:

    http://localhost:8080/getAPi?code=FZqRGLDfxZZncnIe&state=%24%7BYOUR_USER_BOUND_VALUE%7D\


    Generate Access token using Authorization Code

    Use the authorization code from the previous step to generate the access token to make the app call APIs.

    curl --request POST \
      --url 'https://auth.atlassian.com/oauth/token' \
      --header 'Content-Type: application/json' \
      --data '{"grant_type": "authorization_code","client_id": "YOUR_CLIENT_ID","client_secret": "YOUR_CLIENT_SECRET","code": "YOUR_AUTHORIZATION_CODE","redirect_uri": "https://YOUR_APP_CALLBACK_URL"}'

    client_id: (required) Set this to the Client ID for your app. Find this in Settings for your app in the developer console.

    client_secret: (required) Set this to the Secret for your app. Find this in Settings for your app in the developer console.

    code: (required) Set this to the authorization code received from the initial authorize call (described above).

    redirect_uri: (required) Set this to the callback URL configured for your app in the developer console.

    For Example,

    url:-https://auth.atlassian.com/oauth/token
    content-type-app/json
    {
      "grant_type": "authorization_code",
      "client_id": "RaB8VafHWVrrKpMPwZXbG7Lh532TDJUI",
      "client_secret": "hCd-LsMqz81mVWw9g1el_-T5_QB4WSYro0UGth6lFg3FugsKSj_wzqvRIxYgazsL",
      "code": "Nj9sd_-vBMU-ZVtw",
      "redirect_uri": "https://localhost/callback"
    }

    If successful, this call returns an access token similar to this:

    HTTP/1.1 200 OK
    Content-Type: application/json
    {
      "access_token": <string>,
      "expires_in": <expiry time of access_token in second>,
      "scope": <string>
    }

    Result:

    {
        "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6Ik16bERNemsxTVRoRlFVRTJRa0ZGT0VGRk9URkJOREJDTVRRek5EZzJSRVpDT1VKRFJrVXdNZyJ9.eyJodHRwczovL2F0bGFzc2lhbi5jb20vb2F1dGhDbGllbnRJZCI6IlJhQjhWYWZIV1ZycktwTVB3WlhiRzdMaDUzMlRESlVJIiwiaHR0cHM6Ly9hdGxhc3NpYW4uY29tL2VtYWlsRG9tYWluIjoiZ21haWwuY29tIiwiaHR0cHM6Ly9hdGxhc3NpYW4uY29tL3N5c3RlbUFjY291bnRJZCI6IjYxZGJlM2ZmN2M2Zjk4MDA3MDk0ZWIxNSIsImh0dHBzOi8vYXRsYXNzaWFuLmNvbS9zeXN0ZW1BY2NvdW50RW1haWxEb21haW4iOiJjb25uZWN0LmF0bGFzc2lhbi5jb20iLCJodHRwczovL2F0bGFzc2lhbi5jb20vdmVyaWZpZWQiOnRydWUsImh0dHBzOi8vYXRsYXNzaWFuLmNvbS9maXJzdFBhcnR5IjpmYWxzZSwiaHR0cHM6Ly9hdGxhc3NpYW4uY29tLzNsbyI6dHJ1ZSwiaXNzIjoiaHR0cHM6Ly9hdGxhc3NpYW4tYWNjb3VudC1wcm9kLnB1czIuYXV0aDAuY29tLyIsInN1YiI6ImF1dGgwfDYxZDgwMjM5ZTY3ZWEyMDA2YmYzODExYyIsImF1ZCI6ImFwaS5hdGxhc3NpYW4uY29tIiwiaWF0IjoxNjQxODAxNjQyLCJleHAiOjE2NDE4MDUyNDIsImF6cCI6IlJhQjhWYWZIV1ZycktwTVB3WlhiRzdMaDUzMlRESlVJIiwic2NvcGUiOiJtYW5hZ2U6amlyYS1jb25maWd1cmF0aW9uIG1hbmFnZTpqaXJhLXByb2plY3QgbWFuYWdlOmppcmEtd2ViaG9vayB3cml0ZTpqaXJhLXdvcmsgcmVhZDpqaXJhLXdvcmsgcmVhZDpqaXJhLXVzZXIgbWFuYWdlOmppcmEtZGF0YS1wcm92aWRlciJ9.SJhmFoL2TJtvnNsf9lpFt017d1LFsQwpf5k8GenqmTos21LW1HHnITEYY4bIjSBItIXyyx9qSsINLLSQKsWPJ-PV2YGTtXCP4115KF06rs5GCLn9q-_JwVAFGAhmyoueV0JBE7L9kJZNsTEP8J3ivdy1UjuO91D6egprt6llQclJywGGt1gxNn1sTIOyAKhE-oeUFdbLBwJlICUIvwLbz-zUoZfhPD6wNFa5rKSgDpQX0NsZmuCgL6tcJ5PejXyJ4R_bmvMK9Ka66p38Fgy75tRZiSq5TjWwBtEI-a8C-96lxPUu_3ONxXA85ojJRfwKikYf4ty6MF9yJXBt_CwiVg",
        "scope": "manage:jira-configuration manage:jira-project manage:jira-webhook write:jira-work read:jira-work read:jira-user manage:jira-data-provider",
        "expires_in": 3600,
        "token_type": "Bearer"
    }

     

    Call to the API using access token

    To authorize the calls to the API for the Atlassian site from your app, use the following procedure.

    1. Get the cloudid for your site.
    2. Construct the request URL using the cloudid.
    3. Call the API, using the access token and request URL.

    Get the cloudid for your site

    Generate the cloudid using the access token that is created in the previous step as bearer token in the URL https://api.atlassian.com/oauth/token/accessible-resources

    curl --request GET \
      --url https://api.atlassian.com/oauth/token/accessible-resources \
      --header 'Authorization: Bearer ACCESS_TOKEN' \
      --header 'Accept: application/json'

    This request will give the sites that have scopes granted by the token. Find your site in the response and copy the id. This is the cloudid for your site.

    Result:

    [
        {
            "id": "10ecb314-9984-43d6-8051-229eaa26e0f1",
            "url": "https://testcloudenrich.atlassian.net",
            "name": "testcloudenrich",
            "scopes": [
                "manage:jira-configuration",
                "manage:jira-project",
                "manage:jira-webhook",
                "write:jira-work",
                "read:jira-work",
                "read:jira-user",
                "manage:jira-data-provider"
            ],
            "avatarUrl": "https://site-admin-avatar-cdn.prod.public.atl-paas.net/avatars/240/flag.png"
        }
    ]

     

    Build the request URL

    Requests that use OAuth 2.0 (3LO) are made viaapi.atlassian.com. Build your request URL using the following structure:

    Jira apps: https://api.atlassian.com/ex/jira/{cloudid}/{api}

    Confluence apps: https://api.atlassian.com/ex/confluence/{cloudid}/{api}

    Where, 

    {cloudid} is the cloudid for your site that you obtained in the previous step. For example,11223344-a1b2-3b33-c444-def123456789.

    {api} is the base path and name of the API. For example:

    /rest/api/2/project for the project endpoint in the Jira REST API.

    /rest/servicedeskapi/request for the request endpoint in the Jira Service Management REST API.

    /rest/api/space for the space endpoint in the Confluence REST API.

    Your request URL should look something like this (using the example cloudid and Jira API above):

    https://api.atlassian.com/ex/jira/11223344-a1b2-3b33-c444-def123456789/rest/api/2/project

    Call the API

    Make the API call passing the access token as a bearer token in the header of the request. 

    CREATE:

    curl --request POST \
      --url <request URL> \
      --header 'Authorization: Bearer ACCESS_TOKEN' \
      --header 'Accept: application/json'

    For Example,

    https://api.atlassian.com/ex/jira/10ecb314-9984-43d6-8051-229eaa26e0f1/rest/api/2/issue
    https://api.atlassian.com/ex/jira/{10ecb314-9984-43d6-8051-229eaa26e0f1}/rest/api/2/issue

    UPDATE:

    curl --request PUT \
      --url <request URL> \
      --header 'Authorization: Bearer ACCESS_TOKEN' \
      --header 'Accept: application/json'

    For Example,

    https://api.atlassian.com/ex/jira/10ecb314-9984-43d6-8051-229eaa26e0f1/rest/api/2/issue/NNOB-9

     

    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.