Jira / Confluence DC

Description

The Jira / Confluence Data Center connector uses the Atlassian REST API to discover user accounts, groups, and project/space role memberships within self-hosted Jira Data Center or Confluence Data Center deployments. It authenticates using a Personal Access Token and provides visibility into application-tier access across development and documentation platforms.

System Type Classification

Field	Value
System Type	Application
Default Scan Priority	500

Version Support

OrbisID Edition	Supported
Community	No
Pro	Yes
Enterprise	Yes

Supported Protocol

Protocol	Port	Notes
REST API (HTTPS)	443 TCP	Personal Access Token (PAT) via `Authorization: Bearer` header

What OrbisID Discovers

Data	Source
Users	`GET /rest/api/3/users/search` (Jira)
Groups	`GET /rest/api/3/groups/picker` (Jira)
Group memberships	`GET /rest/api/3/group/member`
Jira roles	`GET /rest/api/3/role`
Confluence users	`GET /wiki/rest/api/user/list` (Confluence)

Connection Requirements

Required Permissions

Create a dedicated service account and generate a Personal Access Token with read-only access.

Minimum permissions:

Browse Users global permission (Jira)
Confluence Administrator or System Administrator (for Confluence user enumeration)

Credential Mapping

OrbisID Field	Value
`credential.password`	Atlassian Personal Access Token
`system.hostname`	Jira/Confluence server hostname (e.g., `jira.example.com`)

Network Requirements

The OrbisID server must have HTTPS access to the Jira or Confluence Data Center instance on port 443.

Configuration Steps

In Jira/Confluence, navigate to Profile → Personal Access Tokens → Create token
Grant the token no expiry or set a long expiry; ensure it belongs to an admin service account
Create a Credential in OrbisID:
- Password: Personal Access Token
Navigate to Systems → Add System
Fill in the fields:

Field	Value
Name	Descriptive name (e.g., `Jira DC – Engineering`)
OS Type	`JiraConfluenceDc`
System Type	`Application`
Hostname	Jira/Confluence server hostname
Credential	The PAT credential

Click Test Connection
Click Save

Troubleshooting

Symptom	Likely Cause	Resolution
`401 Unauthorized`	Invalid or expired PAT	Regenerate the Personal Access Token
No users returned	Missing Browse Users permission	Grant Browse Users global permission to the service account
`403 Forbidden`	Token lacks admin scope	Ensure the token belongs to a Jira/Confluence administrator
Cannot connect	HTTPS not configured	Verify SSL is enabled on the instance

Description​

System Type Classification​

Version Support​

Supported Protocol​

What OrbisID Discovers​

Connection Requirements​

Required Permissions​

Credential Mapping​

Network Requirements​

Configuration Steps​

Troubleshooting​