# Jira Integration Sprinto integrates with Jira to automate evidence collection, streamline issue tracking, manage incidents, support vulnerability workflows, and perform access reviews. You can connect Jira in two ways depending on your use case: 1. **Ticketing, Incident Management, Project Management, and Vulnerability Scanner** (OAuth-based) 2. **Access Review** (OAuth 2.0 or API Key) ### Area overview The Jira integration allows Sprinto to: * Create and update Jira issues. * Sync issue and project data for compliance tracking. * Monitor vulnerabilities via Jira workflows. * Review user access and application roles for access reviews. Sprinto connects to Jira using secure authentication (OAuth 2.0 or API token) and only reads or writes data necessary for the selected automation. *** ### Sprinto Checks for Jira Integrations Following are the available Sprinto checks for various Jira integration types: Ticketing & Incident Management

Sprinto check	Required action
Ticketing system for change management should be setup	The following Sprinto check fails if no ticketing system is configured on your Sprinto account. How to fix: The check starts passing once a ticketing system is configured. Follow the procedure below to configure Jira as a ticketing system.
Change management ticket should have an assignee	The following Sprinto check fails if any change request tickets don’t have an assignee. How to fix: Assign a relevant stakeholder to the specified change ticket and ensure all tickets have an assignee assigned.
Reported incident should be closed in Jira	The following Sprinto check fails if any change ticket is detected in the “Open” state on the configured change management system. How to fix: Ensure the change request is actioned and closed from your configured Jira project.
No new change management tickets were added in over 30 days	The following Sprinto check fails if a change request ticket gets created over 30 days.
At least one change management system should be connected	The following Sprinto check fails if no change management system is configured on your Sprinto account. How to fix: Ensure at least one change management system is configured.

#### Access review

Sprinto check	Reference procedure
Jira access should be removed for offboarded user	How to fix
User should be identified	How to fix
User access to critical system should be valid	How to fix

### Prerequisites #### Integration Methods 1. For Ticketing, Incident Management, Project Management, and Vulnerability Scanner - 1. Via Sprinto's OAuth app 2. Via Service Account 2. For Access Review - 1. OAuth 2.0 2. OAuth 2.0 Cliet Credentials 3. API Key Before you begin: * Ensure you have **admin access** to your Jira account. * Identify your Jira domain (for example, `yourcompany.atlassian.net`). * If using API key authentication (Access Review flow), [generate an API token](https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/) from Atlassian. {% hint style="info" %} #### Note The `manage:jira-configuration` OAuth scope requires Jira admin access. {% endhint %} *** ### How it works Depending on the integration type: * Sprinto connects to Jira using OAuth 2.0 (recommended) or an API token. * Required permissions are displayed before connection. * You review and approve access. * Sprinto begins automating controls and checks linked to the selected Jira use case. *** ## For Ticketing, Incident Management, Project Management, and Vulnerability Scanner ### Via OAuth App This method uses **OAuth 2.0**. #### Step 1: Navigate to Jira integration 1. Log in to Sprinto. 2. Go to **Settings → Integrations**. 3. In the **All** tab, search for **Jira**. 4. Click **Connect** next to Jira.

5. Click **Connect** next to **Jira – Ticketing, Incident Management, Project Management, Vulnerability Scanner.**

*** #### Step 2: Review permissions and data A drawer opens displaying: * Controls automated * Checks automated * Permissions required * Data used by Sprinto Review the details and click **Next**.

1. In the **Setup Jira Integration** screen, select **Use Sprinto's OAuth app**. 2. Click **Continue**. *** #### Step 3: Connect using OAuth 1. Enter your **Jira domain**. * Do not include `https://`. * Do not include paths. * Example: `yourcompany.atlassian.net` 2. Click **Connect**.

3. Log in to your Atlassian account. 4. Review the requested permissions. 5. Approve access. You will be redirected back to Sprinto once the connection is successful. *** #### OAuth scopes requested Sprinto requests the following Jira OAuth scopes: * `read:jira-work` – Read Jira project and issue data * `write:jira-work` – Create and modify issues * `read:jira-user` – Read user information * `manage:jira-configuration` – Read workflows and statuses {% hint style="info" %} #### Note The `manage:jira-configuration` scope requires Jira admin access. {% endhint %} *** ### Via Service Account Use this method if you want to connect Jira using **your own Atlassian service account and OAuth credentials** instead of Sprinto’s preconfigured OAuth application. One of the main advantages of this method is that it is **not tied to an individual user account**. As a result, changes to a user’s account, such as offboarding or permission updates, do not impact the integration. This method requires creating a **service account and OAuth credentials in Atlassian Admin**, and then entering the generated credentials in Sprinto. ### Step 1: Select the service account authentication method 1. In the **Setup Jira Integration** screen, select **Use your organization's service account**. 2. Click **Continue**.

Sprinto displays the **required scopes and prerequisites** for the integration. #### Required scopes for Jira Your OAuth app must include the following scopes: * **read:jira-work** – Read project and issue data * **read:jira-user** – Read user information * **read:instance-configuration:jira** – Read instance configuration * **read:workflow:jira** – Read workflow configuration * **read:status:jira** – Read status information Optional: * **write:jira-work** – Required for Active Sync (for example, automatically creating tickets).

#### Prerequisites Ensure the following before proceeding: * A **service account with Jira product access** is created in Atlassian Admin. * The service account has **Jira Admin permissions**. * An **OAuth 2.0 credential** is created for the service account with the required scopes. You must provide the following information in Sprinto: * Client ID * Client Secret * Jira Domain *** ## Step 2: Create a service account in Atlassian 1. Log in to **Atlassian Admin**. 2. Navigate to **Directory → Service accounts**. 3. Click **Create service account**. 4. Enter the following details: * **Name** – For example, *Sprinto Integration*. * **Description** – Optional description of the integration. 5. Click **Next**.

*** ## Step 3: Assign application roles 1. Assign roles for the service account across the required applications. 2. Ensure the following roles are granted: * **Jira** → User * **Jira Administration** → App admin * **Projects** → App admin 3. Click **Create**.

After the service account is created, you will be redirected to the **Service Account details page**, where the assigned roles are visible. *** ## Step 4: Create OAuth credentials for the service account 1. From the service account page, click **Create credentials**.

2. Select **OAuth 2.0** as the authentication type. 3. Click **Next**.

*** ## Step 5: Configure OAuth scopes 1. In the **Select scopes** screen, search and add the following scopes: * read:jira-work * read:jira-user * read:instance-configuration:jira * read:workflow:jira * read:status:jira Optional: * write:jira-work (required for ticket creation and active sync) 2. Click **Next**.

*** ## Step 6: Review and create the OAuth credential 1. Review the OAuth configuration and selected scopes. 2. Click **Create**.

Atlassian generates the OAuth credential. You will see the following details: * **Client ID** * **Client Secret** Copy these values and store them securely. The client secret cannot be retrieved later.

*** ## Step 7: Complete the connection in Sprinto 1. Return to the **Setup Jira Integration** screen in Sprinto. 2. Enter the following details: * **Client ID** * **Client Secret** * **Jira Domain** (for example, `yourcompany.atlassian.net`) 3. Click **Connect**. Sprinto validates the credentials and establishes the connection.

*** ## For Access Review Integration Use this method to automate user and role access reviews in Jira. You can connect using: * OAuth 2.0 (recommended) * API Key *** ### Step 1: Start Access Review integration 1. Go to **Settings → Integrations**. 2. Search for **Jira**. 3. Click **Connect**. 4. Select: **Jira – Access Review** 5. Click **Connect**.

*** ### Step 2: Review permissions and data The drawer displays: #### Permissions required * Read Jira user * Read Jira work * Read application role #### Data used by Sprinto * Primary email * Status * Username Review the details and click **Next**.

*** ### Step 3: Confirm admin access 1. Review the integration steps shown on screen. 2. Select the **I have admin access to my Jira account** checkbox. 3. Click **Connect to Jira**.

A pop-up appears with two authentication options.

*** ### Option A: Connect using OAuth 2.0 (Recommended) 1. Select **OAuth 2.0**. 2. Review the requested permissions and click **Connect**.

3. A Jira authentication window opens. 4. Log in to your Atlassian account. 5. Click **Connect**. 6. Approve access. You are redirected back to Sprinto once the integration is complete. *** ### Option B: Connect using API Key 1. Select **API Key**. 2. Enter the following: * **Jira Email Address** * **API Token** * **Jira Domain** (for example, `yourcompany.atlassian.net`) To generate an API token, follow Atlassian’s official [guide](https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/). 3. Click **Connect**.

The integration becomes active once validated. *** ## Post-connection flow After successful integration: * Jira appears as **Active** under Integrations. * Sprinto begins syncing relevant data based on the selected use case. * Automated controls and checks linked to Jira are triggered. * For Access Review, Jira can be monitored under **Access → Overview** if required. You can manage or disconnect the integration from **Settings → Integrations**. *** ## Troubleshooting ### I do not see the Connect button enabled Ensure: * You have the required Sprinto permissions. * You have Jira admin access. *** ### OAuth connection fails * Verify that you entered the correct Jira domain. * Ensure pop-ups are not blocked in your browser. * Confirm that your Jira account has admin access. *** ### API Key authentication fails * Verify the email address matches your Jira login. * Regenerate the API token and try again. * Ensure the Jira domain does not include `https://` or additional paths. *** ### Permission denied error This usually occurs if: * The Jira account does not have admin privileges. * The required OAuth scopes cannot be granted. Ensure your account can grant: * `manage:jira-configuration` * `read:jira-work` * `write:jira-work` * `read:jira-user` *** If issues persist, contact Sprinto Support with: * Your Jira domain * Integration type used (OAuth or API key) * Screenshot of the error message Please contact [Sprinto Support](mailto:www.support@sprinto.com) If you have any queries related to the integration or need any assistance.