Jira Integration

Overview

Argus's Jira integration scans issue descriptions, comments, and attachments across your Jira projects for pasted credentials, API keys, and tokens. Works with both Jira Cloud and Jira Data Center.

Prerequisites

• Jira site admin (Cloud) or system admin (Data Center)
• A Jira API token (Cloud) or Personal Access Token (Data Center)
• A Cremit Argus account

Step-by-Step Setup

Step 1: Create a Jira API token

• For Jira Cloud: go to id.atlassian.com > Security > Create and manage API tokens
• For Jira Data Center: User Profile > Personal Access Tokens > Create token
• Label the token 'Cremit Argus' and copy it immediately

Step 2: Add Jira as a Scan Source in Argus

• In Argus, go to Configuration > Scan Sources and click New
• Select Jira, then choose Cloud or Data Center
• Enter your Jira base URL (for example, yourcompany.atlassian.net)
• Enter the authenticating account's email and paste the token
• Click Test Connection, then Create

Step 3: Select projects to scan

Control scope at the project level.

• All accessible Jira projects appear in the target list
• Enable per-project or use Bulk Enable
• Auto-enable New Projects keeps coverage up as projects are created

Step 4: Decide what content to scan

By default, Argus scans issue body and comments. Attachments are optional.

• Toggle Include Attachments to also scan uploaded files
• Toggle Include Sub-tasks if you want child issues covered alongside parents

Verification

To confirm the integration is configured correctly:

• Test Connection returns 200 OK with the correct Jira deployment type
• Selected projects show Scan Coverage > 0 within 30 minutes
• Issues edited after the initial scan are re-processed within a few minutes
• No authentication errors appear in the source's recent activity

Troubleshooting

Issue: Test Connection fails with 403 Forbidden.

• Solution: The authenticating account needs Browse Projects permission on each target project. For Cloud, confirm the account is not a 'customer' role.

Issue: Attachments are skipped even with the toggle on.

• Solution: Some legacy Jira Data Center deployments serve attachments from a separate URL. Check the Argus error log for the exact HTTP status returned, and allow the same egress path as the main Jira URL.

Key Benefits

• Covers a common paste-debugging surface that code scanners miss
• Works across Jira Cloud and Data Center from the same interface
• Granular scope: pick the projects that matter, skip the noisy ones
• Attachment scanning catches secrets in config files and logs uploaded to tickets