-
Suggestion
-
Resolution: Unresolved
-
None
-
1
-
Suggestion
The current implementation of Jira Service Management requires unauthenticated outbound REST API call from the App to Jira.
These calls are /server-info and /rest/nativemobile/1.1/info/login and are described in https://confluence.atlassian.com/jirakb/can-t-check-compatibility-error-in-the-jira-server-mobile-app-954244691.html
Some customers may have a WAF, proxy, or other appliance in between the client App and Jira that block unauthenticated access to these calls
Solutions include:
- Configure the third party service to exclude or otherwise unblock these URLs
- Use MDM to implement the "skipInfo" flag as decscribed in https://confluence.atlassian.com/doc/mobile-device-management-mdm-993923036.html
However, some customers may not be able to use either option, since MDM is not used, or the third party service cannot be configured (either for business, or technical reason) to exclude the required URLS.
This results in inability to use the Jira Mobile App.
Suggest solution
Redesign the pre-login phase of JMA to not require unauthenticated call
- was cloned as
-
- Gathering Interest
We (@Symantec/Broadcom) are also would like this issue to be resolved. Other solutions are not suitable for us.
If you have any other suggestions, we would like to hear about them.
I would like to suggest a quick-win that might work for some cases: A deep-link with query parameters for the base-url and skipInfo flag. but this solution probably requires a security-risk review.