Skip to main content

Integrate Jira Cloud with Contrast Scan

You can configure Jira Cloud to choose a subset of severities and result categories from which the integration should create a Jira ticket for Contrast Scan vulnerabilities. You can also configure a two-way integration if you want to change the Scan vulnerability status in Contrast every time an issue closes or reopens in Jira.

Steps

  1. From the user menu, select Organization settings > Integrations.

  2. In the Jira Cloud section, select Configuration.

  3. In the Credentials tab, enter your Jira credentials and select Save.

    1. Credentials: Enter a name for the Jira integration.

    2. Username: Enter your Jira username.

    3. URL: Enter the URL for your Jira instance.

    4. API key: Enter the API key for your Jira instance.

    Saving these credentials establishes a connection with Jira.

  4. In the Scan projects tab, specify the scan projects you want to integrate with Jira and select Save.

    • To integrate all your scan projects with Jira, select Enable for all Scan projects.

    • To integrate only specific scan projects with Jira, select the individual projects in the Scan projects box.

  5. In the Configuration tab, configure the Jira settings for the integration and select Save.

    1. Jira Cloud project: Select a Jira project that you want to integrate with Contrast.

      Changing the project name also changes the related Jira fields and values available to you.

    2. Default issue type: Select the type of issue for which Contrast creates Jira tickets.

      The default issue type affects which custom issue fields that you can select.

    3. Default epic: Select a Jira epic.

    4. Default assignee: Select a Jira ticket assignee.

    5. Issue type custom fields: If you want to prefill additional Jira fields, select the fields you want to add and the default value for each field.

    6. Default priority for each vulnerability severity level: Select the Jira priority that you want to map to each Contrast severity level.

    7. Severity levels for tickets: Select the levels for which Contrast creates JIRA tickets.

  6. Optional: In the Configuration tab, configure the bi-directional integration and select Save.

    1. Select Enable bi-directional integration.

      Contrast displays a webhook URL that your Jira administrator needs to register in Jira.

    2. Select the Add icon (icon-add.svg)

    3. Select the Jira status, the Jira resolution , and the Contrast vulnerability status.

      These settings work together to determine the vulnerability status Contrast applies to vulnerabilities based on the specified status and resolution in Jira tickets.

      The available status options depend on the selected default issue type. The resolution options are available only if the selected Jira status is Done.