Jira — ARX Docs

Overview¶

The Jira connector integrates with the Jira Cloud REST API v3 and the Jira Agile REST API for complete issue lifecycle management. It supports 36 operations across 9 API families: Issues, Comments, Attachments, Worklogs, Projects, Users, Boards, Sprints, Metadata, and Webhooks.

All operations are policy-evaluated and audit-logged through the ARX BaseConnector.execute() pipeline before reaching the Jira API.

Connector class: JiraConnector Module: app.connectors.jira

Prerequisites¶

Requirement	Details
Jira instance	Jira Cloud (e.g. `https://yourorg.atlassian.net`) or Jira Server
API token	Generated from Atlassian API tokens
Email	The Atlassian account email associated with the API token
Vault path	Store credentials as `base_url`, `email`, and `api_token` in the ARX vault

Required Vault Credentials¶

{
  "base_url": "https://yourorg.atlassian.net",
  "email": "bot@yourorg.com",
  "api_token": "ATATT3xFfGF0..."
}

SDK Usage¶

from app.connectors.jira import JiraConnector

jira = JiraConnector(agent_id="agent-001", org_id="org-acme")

# Search issues with JQL
results = await jira.search_issues(
    jql='project = SEC AND status = Open',
    max_results=20,
)

# Create a security incident ticket
ticket = await jira.create_issue(
    project_key="SEC",
    summary="Investigate suspicious login from 198.51.100.42",
    issue_type="Bug",
    priority="High",
    labels=["security", "automated"],
)

# Transition an issue to In Progress
transitions = await jira.get_transitions("SEC-456")
await jira.transition_issue("SEC-456", transition_id="31")

# Add a comment
await jira.add_comment("SEC-456", "Automated enrichment complete. See attached IOC report.")

# List agile boards and sprints
boards = await jira.list_boards(project_key="SEC")
sprints = await jira.get_board_sprints(board_id="42", state="active")

Operations¶

Issues (9 operations)¶

Operation	Method	Path	Risk	Description
`issues:read`	GET	`/rest/api/3/search`	LOW	Search issues using JQL query
`issues:read_detail`	GET	`/rest/api/3/issue/{issueIdOrKey}`	LOW	Get full issue details by key or ID
`issues:create`	POST	`/rest/api/3/issue`	MEDIUM	Create a new Jira issue
`issues:update`	PUT	`/rest/api/3/issue/{issueIdOrKey}`	MEDIUM	Update fields on an existing issue
`issues:delete`	DELETE	`/rest/api/3/issue/{issueIdOrKey}`	HIGH	Permanently delete an issue
`issues:transition`	POST	`/rest/api/3/issue/{issueIdOrKey}/transitions`	MEDIUM	Transition issue to a new workflow status
`issues:assign`	PUT	`/rest/api/3/issue/{issueIdOrKey}/assignee`	MEDIUM	Assign issue to a user
`issues:read_transitions`	GET	`/rest/api/3/issue/{issueIdOrKey}/transitions`	LOW	Get available transitions for an issue
`issues:bulk_create`	POST	`/rest/api/3/issue/bulk`	MEDIUM	Bulk create multiple issues in a single request

Comments (4 operations)¶

Operation	Method	Path	Risk	Description
`comments:read`	GET	`/rest/api/3/issue/{issueIdOrKey}/comment`	LOW	Get comments on an issue
`comments:create`	POST	`/rest/api/3/issue/{issueIdOrKey}/comment`	LOW	Add a comment to an issue
`comments:update`	PUT	`/rest/api/3/issue/{issueIdOrKey}/comment/{comment_id}`	LOW	Update an existing comment
`comments:delete`	DELETE	`/rest/api/3/issue/{issueIdOrKey}/comment/{comment_id}`	MEDIUM	Delete a comment from an issue

Attachments (3 operations)¶

Operation	Method	Path	Risk	Description
`attachments:read`	GET	`/rest/api/3/issue/{issueIdOrKey}`	LOW	Get issue attachments (via `fields=attachment`)
`attachments:upload`	POST	`/rest/api/3/issue/{issueIdOrKey}/attachments`	MEDIUM	Upload an attachment to an issue
`attachments:delete`	DELETE	`/rest/api/3/attachment/{attachment_id}`	MEDIUM	Delete an attachment by ID

Worklogs (2 operations)¶

Operation	Method	Path	Risk	Description
`worklogs:read`	GET	`/rest/api/3/issue/{issueIdOrKey}/worklog`	LOW	Get worklog entries for an issue
`worklogs:create`	POST	`/rest/api/3/issue/{issueIdOrKey}/worklog`	LOW	Add a worklog entry to an issue

Projects (4 operations)¶

Operation	Method	Path	Risk	Description
`projects:read`	GET	`/rest/api/3/project`	LOW	List all accessible projects
`projects:read_detail`	GET	`/rest/api/3/project/{projectIdOrKey}`	LOW	Get project details by key or ID
`projects:read_components`	GET	`/rest/api/3/project/{projectIdOrKey}/components`	LOW	Get components for a project
`projects:read_versions`	GET	`/rest/api/3/project/{projectIdOrKey}/versions`	LOW	Get versions/releases for a project

Users (3 operations)¶

Operation	Method	Path	Risk	Description
`users:read`	GET	`/rest/api/3/users/search`	LOW	Search for users
`users:read_detail`	GET	`/rest/api/3/user`	LOW	Get user details by account ID
`users:read_groups`	GET	`/rest/api/3/user/groups`	LOW	Get groups a user belongs to

Boards (3 operations)¶

Operation	Method	Path	Risk	Description
`boards:read`	GET	`/rest/agile/1.0/board`	LOW	List agile boards
`boards:read_sprints`	GET	`/rest/agile/1.0/board/{board_id}/sprint`	LOW	Get sprints for a board
`boards:read_backlog`	GET	`/rest/agile/1.0/board/{board_id}/backlog`	LOW	Get backlog issues for a board

Sprints (2 operations)¶

Operation	Method	Path	Risk	Description
`sprints:read`	GET	`/rest/agile/1.0/sprint/{sprint_id}`	LOW	Get sprint details
`sprints:read_issues`	GET	`/rest/agile/1.0/sprint/{sprint_id}/issue`	LOW	Get issues in a sprint

Metadata (3 operations)¶

Operation	Method	Path	Risk	Description
`fields:read`	GET	`/rest/api/3/field`	LOW	List all issue fields (system and custom)
`priorities:read`	GET	`/rest/api/3/priority`	LOW	List all priority levels
`statuses:read`	GET	`/rest/api/3/statuses`	LOW	List all issue statuses

Webhooks (3 operations)¶

Operation	Method	Path	Risk	Description
`webhooks:read`	GET	`/rest/api/3/webhook`	LOW	List registered webhooks
`webhooks:create`	POST	`/rest/api/3/webhook`	MEDIUM	Register a new webhook
`webhooks:delete`	DELETE	`/rest/api/3/webhook/{webhook_id}`	MEDIUM	Delete a registered webhook

Risk Classifications¶

Level	Operations	Rationale
LOW	All read operations, searches, comments (create/update), worklogs, metadata queries	No destructive state changes; safe for autonomous execution
MEDIUM	Create/update issues, transitions, assignments, bulk create, attachment upload/delete, comment delete, webhook create/delete	Modifies issue state or external integrations but is generally reversible
HIGH	`issues:delete`	Permanently removes an issue and cannot be undone

Policy Examples¶

SOC triage agent -- create and manage security tickets¶

- name: jira-soc-triage
  connector: jira
  operations:
    - "issues:read*"
    - "issues:create"
    - "issues:update"
    - "issues:transition"
    - "issues:assign"
    - "comments:*"
    - "projects:read*"
    - "users:read*"
  risk_max: medium
  approval: none

Read-only project visibility¶

- name: jira-readonly
  connector: jira
  operations:
    - "issues:read*"
    - "comments:read"
    - "attachments:read"
    - "worklogs:read"
    - "projects:read*"
    - "users:read*"
    - "boards:read*"
    - "sprints:read*"
    - "fields:read"
    - "priorities:read"
    - "statuses:read"
  risk_max: low
  approval: none

Full issue management with delete approval¶

- name: jira-full-management
  connector: jira
  operations:
    - "issues:*"
    - "comments:*"
    - "attachments:*"
    - "worklogs:*"
  risk_max: high
  approval:
    medium: auto
    high: hitl
  hitl_channel: "#jira-approvals"