Scan data for secrets
Jira
6min
enterprise feature this feature is only available with trufflehog enterprise contact us to learn more source integration to atlassian jira , issue and project tracking software if you are looking to send your trufflehog results to jira, please visit jira docid\ xfwwvuxmrwc9crdabx41z notifier page creating credentials to configure basic authentication for jira cloud, use your email address as the username and a jira cloud token as the password a web interface for creating and managing api tokens, with one named "trufflehog scanner " for on premise jira instances, you can use a username and password with basic authentication, or you can use a personal access token (pat) with token authentication if you omit providing projects then all projects that the credential can list and access will be scanned configuration options web configuration you can configure this integration via the web ui through the integrations tab or you can use a local configuration file as outlined below local configuration jira cloud basic auth with access token sources \ connection '@type' type googleapis com/sources jira endpoint https //ourbusiness atlassian net basicauth \# jira cloud requires an api token for the password password xxxxxxxxxxxxxxxxxxxxxxxxxx username scanner account\@ourbusiness com name jira scanperiod 12h type source type jira verify true jira server / datacenter with access token sources \ connection '@type' type googleapis com/sources jira endpoint https //ourbusiness atlassian net token xxxxxxxxxxxxxxxxxxxxxxxxxx name jira scanperiod 12h type source type jira verify true jira server / datacenter with basic auth sources \ connection '@type' type googleapis com/sources jira basicauth \# jira server / datacenter accepts username \# and password for basic auth jira cloud \# uses email + access token! username scanner account\@ourbusiness com password xxxxxxxxxxxxxxxxxxxxxxxxxx endpoint https //ourbusiness atlassian net projects \ eng \ itsys name jira scanperiod 12h type source type jira verify true options key description required endpoint the url for the jira instance yes projects list of project keys to include omit to enumerate instead no ignoreprojects list of project keys to exclude combines with enumeration no insecureskipverifytls skip tls certificate verification for jira connection setting this to true may pose security issues no capabilities feature supported scan comments ✅ scan attachments ✅ scan description ✅ scan archive files ✅ scan base64 encoded data ✅ scan binaries ✅ auto resume ✅