Uploaded image for project: 'Admin Experience'
  1. Admin Experience
  2. AX-685

Notify admins when Atlassian API tokens is exposed in GitHub

XMLWordPrintable

    • 1

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Problem Definition

      At the moment, any Atlassian API tokens (Jira / Confluence) that are disclosed publicly in a GitHub repository will automatically be revoked and the affected user will be notified via e-mail.

      For some organisation this may not enough as the email visibility is limited to individual user.

      Suggested Solution

      Send a notification to an Admins (org-admins or site-admins or both) as well about the exposed API token.

      Workaround

      Currently, there is none.

            [AX-685] Notify admins when Atlassian API tokens is exposed in GitHub

            jason colgate added a comment -

            Regarding the solution - more specifically i'd like the ability to be able to specify recipients. Having the option for admins is an improvement, but i'd like to be able to configure an option to alert the Security Ops team in parallel.

            jason colgate added a comment - Regarding the solution - more specifically i'd like the ability to be able to specify recipients. Having the option for admins is an improvement, but i'd like to be able to configure an option to alert the Security Ops team in parallel.

              Unassigned Unassigned
              3d70865c1864 Alim A.
              Votes:
              5 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated: