This article answers the most popular questions regarding how our Jira Cards integration is built.
Learn more about Jira Cards in these articles as well:
- Jira Cards
- How to set up and to uninstall Jira Cards
- How to set up webHook for Jira Cards
- Possible issues with Jira Cards and Jira Add-on
Question | Answer |
---|---|
Security |
|
How does the Jira-Miro authentication work? |
The protocol used is:
|
Is data secured in transit between Jira and Miro? | We use the TLS security protocol. It encrypts HTTP messages before transmission and decrypts messages upon arrival. We also support mutual TLS for Enterprise plan. |
Do you support mutual TLS? |
Yes, learn more. |
Will Miro retain any of the customer’s Jira data? If yes, how long is the retention period and how will the data be secured? |
Yes, Miro retains the card's data which are added to the board. For OAuth 1.0. (Jira Server or Data Center) also, the data are updated if the webhooks are configured during the Jira Cards plugin setup process. The retention period is unlimited. Only the general Miro security protocols are applied. |
Is there a way we can restrict the information that can be retrieved from Miro? Ie. let’s assume we only want to see the ‘title’ and ‘status‘, can we prevent access to other fields such as ‘description’ or ‘attachment’ to any user in Miro? | We did not find any mention in Atlassian's documentation of how to limit the information to just a few fields. |
Can we have a diagram showing the data flow between Jira and Miro, such as during authentication, normal usage, etc.? | Detailed info can be found in this Jira Developers article. We implement our integration according to Atlassian documentation. |
How is the token handled? |
Oauth 1.0.: Only the access token is used. The access token persists for 5 years unless revoked (no option to customize, as this policy is defined on the Atlassian side. You can revoke the token on the Jira side using web UI). OAuth 2.0.:
|
Is a single access token used for all of the customer’s Jira access, or are separate tokens used for individual users? |
Every Miro user who intends to import, create or edit Jira Cards must connect their individual Jira credentials. All of the above actions can only be performed on behalf of individual Jira credentials. |
How are the request tokens, access tokens, private keys, and other OAuth secrets/credentials secured? |
During the integration, only access tokens are used. They are securely stored within the database and are used only on the server side. For OAuth 1.0. (Jira Server and Data Center) the authToken is only used for the webhook. It is not the actual authentication token used by OAuth. Requests are sent over an encrypted connection. The secret key is auto-generated and is associated as per team. |
What endpoints does your integration use? |
POST /rest/api/2/issue - create new issue For OAuth 1.0. (Jira Server and Data Center) additionally, we use: POST /rest/webhooks/1.0/webhook |
Will the cards work with Jira Datacenter? | Yes. We are approved by Atlassian, and we already have a lot of customers successfully using Jira Cards with Datacenter. The installation procedure is the same. |
What IPs are you using to communicate to the Jira system? |
The list of our static IP addresses can be found here. Note that these are the addresses used only to communicate with the Jira system. Miro app's IPs are dynamic and to ensure that all the functionalities on the Miro boards (including some of those related to Jira cards) perform successfully, we ask to add our domains to your allowlist. |
Can we integrate Jira with Miro, but block in Miro those Jira issues with Security Level set to "Private"? |
No, that is not an option - Security Levels in Jira do not correlate with Miro. |
General |
|
Can we connect Miro to Jira if we use a Jira server that is closed off to outside networks/a Jira instance that is available locally only? |
Miro is an online tool, so you can only set up the integration if your Jira is open to the public internet. No workarounds here. |
Can we connect multiple Jira instances to a Miro team? |
For OAuth 1.0. (Jira Server and Data Center) - no, it's one Jira instance per team. For OAuth 2.0. - yes, you can connect additional instances from your Jira integration settings page and switch between them. |
What is the Server to Cloud migration process? |
Since your Jira Base URL will inevitably change during the migration to Cloud, the integration will break without changes on our end. Please reach out to Miro support for assistance. |
Will Miro create a webhook per team, per project, or per Miro instance? |
Applicable to OAuth 1.0 (Jira Server and Data Center) only: Yes, if you enable Automatic Webhook in your Miro settings, then webhook creation happens automatically. If you use team-level authorization with Jira, then Miro creates webhooks per team. If you use organization-level authorization, then Miro creates webhooks per organization. |
Does the Jira Cards plugin support Next-Gen projects? |
Yes, it does. Please note that currently, there is no Epic link/field when creating a Jira Card for a Next-Gen project on Miro's side. |
Are custom Jira fields supported? | Yes, we support almost all custom fields of basic types. If you have a complex data type field, it may not be supported and cause unexpected behaviour when updating or creating Jira cards on the board. |
What's going to happen with existing Jira Cards in case we switch to another Jira instance? | If you disable the connection to your Jira instance the cards related to the instance will stay on Miro boards (no data loss), but they will stop updating. |
What's going to happen with existing Jira Cards if we move them from one Project to another on Jira's side? |
Currently, when you move Jira issues from one Project to another in Jira, they no longer update on Miro's side. As a workaround, we suggest you copy a Jira issue URL (Ctrl/Cmd+C) and paste it into a Miro board (Ctrl/Cmd+V). Thus, a Jira Card will show new values and will be updated automatically. |
If a board is moved to another Miro team, what will happen to Jira cards on the board? |
The Jira Cards will stay on the board, but no one will be able to modify them (even if the same Jira instance is configured for the target team). When clicking a card, you will see a message: "JIRA Card was imported from another account". If you want to make the cards editable, please import them to the board anew. |
Is there an additional cost for the Jira Cards integration? |
Jira Cards are available on all paid, and Education plans at no additional cost (Starter, Business, Education, and Enterprise plans). |
If a user goes to a Miro board and logs in to Jira, will they have access to all the Jira Cards details on the board or only the ones that they are authorized to have access to as per their Jira credentials?
|
The permissions for the Jira Cards integration ensure that users can only create and edit cards in Jira projects that they have access to. |
Has Atlassian discontinued support for Jira Server? |
Yes, Atlassian has discontinued support for Jira Server as of February 2024. However, Miro will continue to support the Jira Cards integration for Jira Server for the foreseeable future. |
Does Miro Planner/Jira Cards support the Jira custom fields Custom issue types, and Custom dependencies? |
Yes, both are supported. If the Custom issue types and Custom dependencies fields are set up in Jira, and Miro Planner is authenticated for that Jira instance, then these custom fields are available in the planner. |
Does Miro support OAuth 2.0 for Jira Data Center? |
Currently, you can only integrate Miro and Jira Data Center with OAuth 1.0. Miro plans to support OAuth 2.0 in the future. |