Steps for integrating SecurityRAT with JIRA.


If you’re not familiar with JIRA, please refer to the project’s homepage.

Integration use cases

JIRA integration is used in three cases:

  • the artifact settings you’ve defined can be exported to / imported from a JIRA ticket (using a YAML-file attachment)
  • the particular requirements can be opened as separate JIRA tickets
  • SecurityRAT users can give feedback to particular requirements. This leads to opening a JIRA ticket in a configured queue.

Steps for integration

The connection to JIRA is realized solely using the JavaScript side of SecurityRAT. This means that Cross-Origin Resource Sharing (CORS) is used. In order to enable CORS on JIRA side, you need JIRA to include respective headers in HTTP responses:

Access-Control-Allow-Origin: https://$SecurityRAT_URL
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST
Access-Control-Allow-Headers: Content-Type, X-Atlassian-Token
Access-Control-Allow-Credentials: true

Usually you realize this by configuring a HTTP Server serving as a reverse proxy for your JIRA instance.