Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
None
-
0
-
Description
Issue
Due to security concern, from JSM 4.6.0, the automation module was updated in a way that it will only send a webhook to an URL if this URL has been whitelisted, as per this developer community discussion. For this reason, whenever a new automation rule is configured to sent a webhook, it is necessary to whitelist the webhook URL in the page ⚙ > System > Whitelist for the automation to send the webhook. Otherwise, the automation will not be executed.
Another issue is that the JSM automation rule always shows a SUCCESS in the logs regardless if the webhook was sent or not (due to the whitelisting). This is a bug tracked in https://jira.atlassian.com/browse/JSDSERVER-6955.
The problem is that our official documentation about JSM automation does not say anything about whitelisting the webhook URLs for JSM automation rules to work.
On top of it, there is nothing in the JSM automation UI that tells users that they have to whitelist the webhook URL at the time they are creating the automation rule.
Ideally, we should update both the UI (by adding a warning to the user configuring the automation rule), and we should update the documentation, so that users can refer to it.
Related KB article: Webhooks are not sent from Jira Service Management Automation rules
Suggestion
Update the section Customize automation webhooks of the documentation https://confluence.atlassian.com/servicemanagementserver/automating-your-service-project-939926334.html by mentioning that from JSM 4.6.0, any webhook URL needs to be whitelisted in ⚙ > System > Whitelist for the webhook to be sent.
Attachments
Issue Links
- is related to
-
JSDSERVER-6955 Service Desk webhooks that fail indicate success
- Closed
- mentioned in
-
Page Loading...