The Jira integration scans issue descriptions, comments, and attachments in Atlassian Jira for credentials and other sensitive data. To send TruffleHog detections to Jira as notifications, see the Jira notifier instead.

The Jira integration can be configured in TruffleHog under 

, or via a local configuration file (below).

 page in TruffleHog. You'll need credentials appropriate to your Jira deployment — see the local configuration section below for the supported authentication methods.

Local configuration supports three authentication modes, depending on your Jira deployment:

 — uses your Atlassian email address as the username and a Jira Cloud API token as the password.

 — uses an account username and password.

If projects is omitted, all projects the credentials can list and access are scanned.

Use this for Jira Cloud. The username must be the email address attached to your Atlassian account, and the password must be a Jira Cloud API token. Standard passwords cannot be used in place of an API token for Jira Cloud.

sources:
  - connection:
      "@type": type.googleapis.com/sources.JIRA
      endpoint: https://ourbusiness.atlassian.net
      basicAuth:
        # Jira Cloud requires an API token for the password.
        username: scanner-account@ourbusiness.com
        password: XXXXXXXXXXXXXXXXXXXXXXXXXX
    name: JIRA
    scanPeriod: 12h
    type: SOURCE_TYPE_JIRA
    verify: true

Use this for self-hosted Jira with a personal access token.

sources:
  - connection:
      "@type": type.googleapis.com/sources.JIRA
      endpoint: https://jira.ourbusiness.com
      token: XXXXXXXXXXXXXXXXXXXXXXXXXX
    name: JIRA
    scanPeriod: 12h
    type: SOURCE_TYPE_JIRA
    verify: true

Use this for self-hosted Jira with username and password authentication.

sources:
  - connection:
      "@type": type.googleapis.com/sources.JIRA
      endpoint: https://jira.ourbusiness.com
      basicAuth:
        username: scanner-account@ourbusiness.com
        password: XXXXXXXXXXXXXXXXXXXXXXXXXX
      projects:
        - ENG
        - ITSYS
    name: JIRA
    scanPeriod: 12h
    type: SOURCE_TYPE_JIRA
    verify: true

Learn how to seamlessly integrate TruffleHog with Atlassian Jira. Discover step-by-step instructions for creating Jira Cloud and on-premise Jira credentials, along with essential configuration options for local se

Jenkins

Jira

source

Microsoft Sharepoint

TruffleHog Docs

Choose your adventure

Configuring a scanner

Hosted Scanner deployment

Creating a scanner

Configuring a self-hosted scanner

Self-Hosted Deployment Guide

Linux Host

Docker

Helm Chart

Kubernetes Manifest

Resource requirements

Configuration file reference

Credential management

Running the scanner

Self-Hosted Scanner deployment

TruffleHog Enterprise - Getting started

Artifactory

AWS S3

Azure Repos (cloud)

Bitbucket

Buildkite

CircleCI

Confluence

Filesystem

Gerrit

GitLab

GitHub Real-time

GitHub

Google Cloud Storage (GCS)

Google Drive Domain-Wide Delegation (DWD)

Google Drive

Microsoft Teams

Postman

Slack

Vector

Reverify secrets

Verification caching

Scan for secrets

Self-discovery analyzers

GCP analyze

Analyze secrets

Email

Multi-project ticket synchronization

Splunk

Stdout

Webhook

Notify results

Shared Secrets

Scanning in CI

Pre-commit hooks

Pre-receive hooks

Block secrets from leaking

Custom detectors

Customizing detection

On-premise verification

Customizing detectors

Customizing TruffleHog

User Enablement Guide

Exported Secrets Column Definitions

Resource Hub

Architecture

Dynamic Role-Based Access Control (RBAC)

Authentication

Compliance

Data flow

How we handle your data

Security and Compliance

Secret Management Best Practices

Terminology

2026 April

2026 March

2026 January

2025 December

2025 November

2025 October

2025 September

2025 August

2025 July

2025 June

2025 May

TruffleHog Release Notes