Information in the module key and name are not considered private so they should not contain sensitive or personally identifiable information.
When a user uninstalls an app, all the data that the app sent to Jira is deleted. If the app is reinstalled, this data won't be added back unless the app resends historical information to Jira.
This key must be unique relative to the add on, with the exception of Confluence macros: Their keys need to be
globally unique.
Keys must only contain alphanumeric characters and dashes.
The key is used to generate the url to your add-on's module. The url is generated as a combination of your add-on
key and module key. For example, an add-on which looks like:
Will have a configuration page module with a URL of /plugins/servlet/ac/my-addon/configure-me.
name
Type
Required
Yes
Description
A human readable name.
Represents a string that can be resolved via a localization properties file. You can use the same i18n Property key
and value in multiple places if you like, but identical keys must have identical values.
Example
1
2
3
4
{
"value": "My text"
}
Properties
value
Type
Max length
1500
Required
Yes
Description
The human-readable default value. This will be used if no translation exists.
Only the following HTML tags are supported: b, i, strong, em, and code.
i18n
Type
Max length
300
Description
The localization key for the human-readable value.
Translations for the keys are defined at the top level of the
add-on descriptor.
actions
Type
Description
Required actions to hydrate security workspace and container data.
Security Information actions that can be performed by Jira users.
Each action is optional (unless indicated otherwise). The absence of an action indicates that the action is not supported by the provider.
Properties
fetchContainers
Type
Required
Yes
Description
Action for fetching security containers by IDs.
Example request
The templateUrl property of this action will receive a POST request when this action is invoked. The container IDs to be fetched will be included in the body.
1
2
3
4
5
{
"ids": ["XXXX", "YYYY"]
}
Example response
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
{
"containers": [
{
// Identifier of the security container which will be used to hydrate container details. This should be in this regex format: [a-zA-Z0-9\\-_.~@:{}=]+(/[a-zA-Z0-9\\-_.~@:{}=]+)*.
id: "f730ce9c-3442-4f8a-93a4-a44f3b35c46b/target/111-222-333",
// Human readable name of the container
name: "my-container-name",
// Url allowing Jira to link directly to the provider's container
url: "https://my.security.provider.com/f730ce9c-3442-4f8a-93a4-a44f3b35c46b/container/f730ce9c-3442-4f8a-93a4-a44f3b35c46b",
// Url providing the avatar for the container.
avatarUrl: "https://res.cloudinary.com/snyk/image/upload/v1584038122/groups/Atlassian_Logo.png",
// The date and time this container was last scanned/updated
lastUpdatedDate: "2022-01-19T23:27:25+00:00"
}
]
}
fetchWorkspaces
Type
Required
Yes
Description
Action for fetching security workspaces by IDs.
Example request
The templateUrl property of this action will receive a POST request when this action is invoked. The workspace IDs to be fetched will be included in the body.
1
2
3
4
5
{
"ids": ["XXXX", "YYYY"]
}
Example response
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
{
"workspaces": [
{
// Identifier of the security workspace which will be used to hydrate workspace details
id: "f730ce9c-3442-4f8a-93a4-a44f3b35c46b"
// Human readable name of the workspace
name: "economy-security-scanning"
// Url allowing Jira to link directly to the provider's workspace
url: "https://my.security.provider.com/org/f730ce9c-3442-4f8a-93a4-a44f3b35c46b"
// Url providing the avatar for the workspace.
avatarUrl: "https://res.cloudinary.com/snyk/image/upload/v1584038122/groups/Atlassian_Logo.png"
}
]
}
searchContainers
Type
Required
Yes
Description
Action for showing any partial or full matches using a search on the security container name for a given workspace.
Example request
The templateUrl property of this action will receive a GET request with workspaceId and searchQuery query params when this action is invoked.
{
"containers": [
{
// Identifier of the security container which will be used to hydrate container details. This should be in this regex format: [a-zA-Z0-9\\-_.~@:{}=]+(/[a-zA-Z0-9\\-_.~@:{}=]+)*.
id: "f730ce9c-3442-4f8a-93a4-a44f3b35c46b/target/111-222-333",
// Human readable name of the container
name: "my-container-name",
// Url allowing Jira to link directly to the provider's container
url: "https://my.security.provider.com/f730ce9c-3442-4f8a-93a4-a44f3b35c46b/container/f730ce9c-3442-4f8a-93a4-a44f3b35c46b",
// Url providing the avatar for the container.
avatarUrl: "https://res.cloudinary.com/snyk/image/upload/v1584038122/groups/Atlassian_Logo.png",
// The date and time this container was last scanned/updated
lastUpdatedDate: "2022-01-19T23:27:25+00:00"
}
]
onEntityAssociated
Type
Description
Action to notify the security provider when vulnerability has been associated with jira issue
Example request
The templateUrl property of this action will receive a PUT request when this action is invoked. The entity.id is the providers external ID
{
"entity": {
// This is vulnerability Atlassian Resource Identifier (ARI). This should be in format: ari:cloud:jira:{siteId}:vulnerability/activation/{activationId}/{vulnerabilityId}
"ari": "ari:cloud:jira:f730ce9c-3442-4f8a-93a4-a44f3b35c46b:vulnerability/activation/111-222-333/111111",
// This is vulnerability identifier provided by the provider
"id": "1234"
},
"associatedWith": {
// This is jira issue Atlassian Type Identifier (ATI)
"ati": "ati:cloud:jira:issue",
// This is jira issue Atlassian Resource Identifier (ARI) that get associated with the vulnerability. This should be in format: ari:cloud:jira:{siteId}:issue/{issueId}
"ari": "ari:cloud:jira:f730ce9c-3442-4f8a-93a4-a44f3b35c46b:issue/1234"
// This is the siteId
"cloudId": "f730ce9c-3442-4f8a-93a4-a44f3b35c46b",
// This is jira issue identifier
"id": "1234"
}
}
onEntityDisassociated
Type
Description
Action to notify the security provider when vulnerability has its association removed from jira issue
Example request
The templateUrl property of this action will receive a PUT request when this action is invoked. The entity.id is the providers external ID
{
"entity": {
// This is vulnerability Atlassian Resource Identifier (ARI). This should be in format: ari:cloud:jira:{siteId}:vulnerability/activation/{activationId}/{vulnerabilityId}
"ari": "ari:cloud:jira:f730ce9c-3442-4f8a-93a4-a44f3b35c46b:vulnerability/activation/111-222-333/111111",
// This is vulnerability identifier provided by the provider
"id": "1234"
},
"disassociatedFrom": {
// This is jira issue Atlassian Type Identifier (ATI)
"ati": "ati:cloud:jira:issue",
// This is jira issue Atlassian Resource Identifier (ARI) get disassociated from the vulnerability. This should be in format: ari:cloud:jira:{siteId}:issue/{issueId}
"ari": "ari:cloud:jira:f730ce9c-3442-4f8a-93a4-a44f3b35c46b:issue/1234"
// This is the siteId
"cloudId": "f730ce9c-3442-4f8a-93a4-a44f3b35c46b",
// This is jira issue identifier
"id": "1234"
}
}
documentationUrl
Type
Format
uri
Description
Optional URL to documentation about the provider's Jira integration.
logoUrl
Type
Format
uri
Description
Optional URL to the provider's logo, which will be displayed in the UI.