Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-73857

As a Jira Administrator I'd like to have support for rotation of internal application credentials

    XMLWordPrintable

Details

    • 1
    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      Ability to credential rotation via API or Script.

      Rotate the credentials that are stored internally in Jira, Confluence, and Bitbucket periodically per standard industry security practices – that is – internal credentials that potentially have value to an external attacker.

      Specifically out-of-scope are:

      • End-user credentials (since the product already has a way to enumerate users and change their passwords and API keys or similar).
      • Credentials stored by 3rd party plugins.

      Attachments

        Issue Links

          relates to

          Suggestion - BSERV-13369 Support for rotation of internal application credentials (those of external value)

          • Gathering Interest

          Suggestion - CONFSERVER-79475 Support for rotation of internal application credentials (those of external value)

          • Gathering Interest

          Suggestion - JRASERVER-72198 As a Jira administrator I would like that OAuth tokens are removed when a user is disabled (inactive)

          • Gathering Interest
          mentioned in

          Page Loading...

          Page Loading...

          Page Loading...

          Activity

            People

              Unassigned Unassigned
              8e2ee97d25b6 Diego Leitão
              Votes:
              4 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated: