Jira

Overview#

The Jira connector proxies Atlassian Jira Cloud REST API v3 calls. API tokens are sealed in QuantaVault. Supports issue CRUD, JQL search, project management, and custom field operations.

Prerequisites#

• 1A Jira Cloud account
• 2An Atlassian API token from id.atlassian.com → Security → API Tokens
• 3Your Jira base URL (e.g. https://your-org.atlassian.net)

Configuration#

Follow these steps to connect Jira to QuantaSeal. You can configure integrations via the Admin Console or directly via the API.

1. 1

   Create an API token at id.atlassian.com → Security → API Tokens.

2. 2

   Seal: POST /api/v2/vault/seal with credential_type: basic_auth and values: {username: 'you@company.com', password: 'api-token'}.

3. 3

   Create integration with system_type: jira, config: {base_url: 'https://your-org.atlassian.net'}.

Authentication Types#

Jira Cloud uses HTTP Basic Auth with email address + API token. Seal as basic_auth with values: {username: email, password: api_token}.

All credential types are sealed in QuantaVault with ML-KEM-768 + AES-256-GCM and wrapped by your tenant AWS KMS CMK before storage. See the Vault API reference for the full list of credential types and seal/unseal endpoints.

Available Operations#

QuantaSeal enforces a default-deny operation policy. Only operations listed in your integration's allowed_operations array will be permitted. Add operations when creating or updating the integration.

Code Example#

Every proxy call returns a HybridCryptoEnvelope - the response is ML-KEM-768 key-encapsulated, AES-256-GCM encrypted, and signed with ML-DSA-65 + HMAC-SHA-512. Verify both signatures before trusting the decrypted payload.

curl -X POST https://api.quantaseal.io/api/v2/proxy/outbound \
  -H "X-API-Key: qs_live_your_key_here" \
  -H "Content-Type: application/json" \
  -d '{"integration_id":"int_JIRA001","operation":"search_issues","payload":{"jql":"project = OPS AND status = Open ORDER BY created DESC","maxResults":50}}'

Troubleshooting#