- Getting started
- Notifications
- Licensing
- Troubleshooting
- Connector Builder
- Act! 365
- ActiveCampaign
- Active Directory - Preview
- Adobe Acrobat Sign
- Adobe PDF Services
- Amazon Bedrock
- Amazon Connect
- Amazon Polly
- Amazon SES
- Amazon Transcribe
- Amazon Web Services
- Anthropic Claude
- Asana
- AWeber
- Azure AI Document Intelligence
- Azure Maps
- BambooHR
- Box
- Brevo
- Calendly
- Campaign Monitor
- Cisco Webex Teams
- Citrix Hypervisor
- Citrix ShareFile
- Clearbit
- Confluence Cloud
- Constant Contact
- Coupa
- CrewAI – Preview
- Customer.io
- Database Hub - Preview
- Databricks Agent
- Datadog
- DeepSeek
- Deputy
- Discord - Preview
- DocuSign
- Drip
- Dropbox
- Dropbox Business
- Egnyte
- Eventbrite
- Exchangerates
- Exchange Server - Preview
- Expensify
- Facebook
- Freshbooks
- Freshdesk
- Freshsales
- Freshservice
- GetResponse
- GitHub
- Gmail
- Google Cloud Platform
- Google Docs
- Google Drive
- Google Forms - Preview
- Google Maps
- Google Sheets
- Google Speech-to-Text
- Google Text-to-Speech
- Google Tasks - Preview
- Google Vertex
- Google Vision
- Google Workspace
- GoToWebinar
- Greenhouse
- Hootsuite
- HTTP
- HTTP Webhook
- Hubspot CRM
- HubSpot Marketing
- HyperV - Preview
- Icertis
- iContact
- Insightly CRM
- Intercom
- Jina.ai
- Jira
- About the Jira connector
- Jira authentication
- Jira events
- Keap
- Klaviyo
- LinkedIn
- Mail
- Mailchimp
- Mailgun
- Mailjet
- MailerLite
- Marketo
- Microsoft 365
- Microsoft Azure
- Microsoft Azure Active Directory
- Microsoft Azure AI Foundry
- Microsoft Azure OpenAI
- Microsoft Dynamics 365 CRM
- Microsoft OneDrive & Sharepoint
- Microsoft Outlook 365
- Microsoft Power Automate – Preview
- Microsoft Sentiment
- Microsoft Teams
- Microsoft Translator
- Microsoft Vision
- Miro
- NetIQ eDirectory
- Okta
- OpenAI
- OpenAI V1 Compliant LLM
- Oracle Eloqua
- Oracle NetSuite
- PagerDuty
- PayPal
- PDFMonkey
- Perplexity
- Pinecone
- Pipedrive
- QuickBooksOnline
- Quip
- Salesforce
- Salesforce AgentForce & Flows – Preview
- Salesforce Marketing Cloud
- SAP BAPI
- SAP Cloud for Customer
- SAP Concur
- SAP OData
- SendGrid
- ServiceNow
- Shopify
- Slack
- SmartRecruiters
- Smartsheet
- Snowflake
- Snowflake Cortex
- Stripe
- Sugar Enterprise
- Sugar Professional
- Sugar Sell
- Sugar Serve
- System Center - Preview
- TangoCard
- Todoist
- Trello
- Twilio
- UiPath Apps - Preview
- UiPath Data Fabric – Preview
- UiPath GenAI Activities
- UiPath Orchestrator
- X (formerly Twitter)
- Xero
- watsonx.ai
- WhatsApp Business
- WooCommerce
- Workable
- Workday
- Workday REST
- VMware ESXi vSphere
- YouTube
- Zendesk
- Zoho Campaigns
- Zoho Desk
- Zoho Mail
- Zoom
- ZoomInfo
Integration Service user guide
Jira authentication
Before using Jira activities or triggers, you must create a connection to your Jira Cloud instance in UiPath Integration Service.
The Jira connector only supports Jira Cloud instances. Jira Server and Data Center instances are not supported.
Supported authentication methods (Jira Cloud only)
| Authentication type | Description | Best for |
|---|---|---|
| API Token (Basic over HTTPS) | Uses Atlassian Cloud email and API token | Service accounts, unattended automations. |
| OAuth 2.0 | Uses user sign-in and consent with Jira Cloud scopes | User‑delegated, attended, or personal flows. |
| Bring Your Own OAuth 2.0 App | Uses your own OAuth app with UiPath’s callback URL. | Customers managing their own Jira app and keys. |
API Token (Basic over HTTPS)
Authenticate with Jira Cloud using an Atlassian account email and API token, passed as HTTPS basic authentication. Learn more.
The connection runs with the same project and issue permissions as the configured Jira user.
Required fields
| Field | Description |
|---|---|
| Site URL | The Jira site URL, for example https://your-domain.atlassian.net. Note: Make sure to include 'https://' and no trailing '/' at the end of the URL. |
| Username | Atlassian account email used to log in to Jira Cloud |
| API token | Jira Cloud API token associated with the account |
How to generate API token
- Create an API token (without scope) in Atlassian account security. Learn more.
- Copy the generated token and keep it secure for later use.
- In UiPath Integration Service, add a Jira connection and fill in:
- Site URL
- Username
- API token
Token lifecycle
For your security, tokens can last no longer than a year and can be revoked and deleted from the Atlassian account security page. Once deleted, all Integration Service calls using that token will fail with 401 Unauthorized until a new token is configured.
Troubleshooting
- 401 Unauthorized: Check email and token, confirm the token exists and was copied correctly.
- 403 Forbidden on some operations: Confirm the Jira user has the required project permissions for the target project and issue type.
Frequently asked questions
Can I limit an API token to specific projects?
No. Tokens inherit all permissions of the user; limit access by configuring user/project permissions in Jira.
Does CAPTCHA or SSO affect token-based calls?
CAPTCHA and interactive login rules apply to username/password, not API tokens; SSO still governs the account but does not block token usage. Learn more.
How should I rotate tokens used by UiPath?
Create a new token, update the Jira connection in UiPath with the new token, validate automations, and then revoke the old token.
Bring your own OAuth 2.0 app
This authentication type is similar to the OAuth 2.0 Authorization Code, but requires you to bring your own client ID and client secret credentials.
Follow the Jira guidelines for creating your own app: OAuth 2.0 (3LO) apps. You can create your application from the Jira developer console. While setting up your own OAuth2.0 App make sure to provide the redirect/callback URL as: https://cloud.uipath.com/provisioning_/callback
This is recommended when automations should run under an end‑user's context and obey both OAuth scopes and that user's project permissions.
Required fields
| Field | Description |
|---|---|
| Site URL | Jira site URL, for example https://your-domain.atlassian.net. When prompted to grant the UiPath app permissions to access Jira, make sure to select the same Jira site URL. |
| Client ID | Client identifier for the Atlassian OAuth 2.0 (3LO) app. |
| Client Secret | Secret from the Atlassian OAuth 2.0 (3LO) app. This will be stored in UiPath Integration Service database. |
| Redirect URL | UiPath callback URL, configured exactly in the Atlassian app. |
| Username | Used in Jira login page. |
| Password | Used in Jira login page. |
Understanding Jira scopes
Scopes define the level of access an app can request to interact with an Atlassian product. When a connection is established and the user authorizes the app through the Jira activity (via the API), the OAuth app receives permission to perform the specified operations on the user's behalf—subject to the user's permission settings. For a complete list of available scopes, refer to the Jira scopes documentation.
The following table lists the scopes required for creating connections:
| Scope | Type | Description |
|---|---|---|
| read:jira-user | Required | View user information in Jira that the user has access to, including usernames, email addresses, and avatars. |
| read:jira-work | Required | Read Jira project and issue data, search for issues and objects associated with issues like attachments and worklogs. |
| write:jira-work | Required | Create and edit issues in Jira, post comments as the user, create worklogs, and delete issues. |
| manage:jira-project | Required | Create and edit project settings and create new project-level objects (for example, versions and components). |
| offline_access | Required | Refresh OAuth token automatically |
| manage:jira-configuration | Optional | Take Jira administration actions (for example, create projects and custom fields, view workflows, and manage issue link types). |
| manage:jira-data-provider | Optional | Manage development and release information for third parties in Jira |
The app must have all scopes that your connection is requesting.
How to generate credentials
- Follow Atlassian's 3LO app guide.
- Configure the UiPath Jira callback URL from the Integration Service Jira authentication page as the redirect URI.
- Select the Jira Cloud scopes you need (for example
read:jira-work,write:jira-work,read:jira-user). - Copy Client ID and Client Secret from the Atlassian app into the UiPath Jira connection settings.
Token lifecycle
Access tokens are short‑lived; UiPath uses refresh tokens to obtain new access tokens until the refresh token expires or is revoked.
Revoking consent or deleting the Atlassian OAuth app invalidates tokens and requires re‑authorization from UiPath.
Troubleshooting (OAuth)
-
Redirect URI mismatch: Ensure the redirect URL configured in Atlassian exactly matches UiPath's callback URL.
-
insufficient_scopeor 403: Add any missing Jira scopes to the app and ensure the user has necessary Jira permissions.
Frequently asked questions
What are the minimum scopes to issue CRUD?
It varies from one object to another, but usually read:jira-work and write:jira-work for issues/comments; add read:jira-user if user lookup/assignment is used.
Can scopes restrict access to specific projects?
No. Scopes are functional; project-level access is still governed by the authorizing user's permissions in Jira.
Why do I still get 403 after a successful OAuth login?
Ensure read:jira-user is being inferred in your private app.
OAuth 2.0 Authorization code
The OAuth 2.0 Authorization code method in UiPath Integration Service is functionally identical to Bring Your Own OAuth 2.0 App (BYOA) in how tokens are obtained and how activities are performed in Jira Cloud. The key difference is in who owns the OAuth application credentials:
- OAuth 2.0 Authorization Code uses UiPath's own registered public OAuth 2.0 application for Jira Cloud with limited pre-configured scopes.
- This means the Client ID and Client Secret are managed by UiPath and are not required from the user.
- You only need to provide your Jira site URL and select the desired scopes during connection setup.
- The rest of the authentication experience, including user login, consent, and token management, is the same as for a custom app.
- BYOA (Bring Your Own OAuth) allows organizations to register and manage their own OAuth 2.0 app with Atlassian.
- The user or admin must supply the custom app's Client ID, Client Secret, and configure the callback URL accordingly.
- Use BYOA if you require a private app for your organization, want to manage your own keys, or need to enforce governance on the OAuth client configuration.
There is no difference in required scopes, consent flow, or the capabilities available; both use Atlassian's 3-legged OAuth to acquire user-granted access tokens for Jira Cloud. The only distinction is whether you are using UiPath's public integration (no client credentials needed), or your own Atlassian OAuth app (credentials required at setup).
- Supported authentication methods (Jira Cloud only)
- API Token (Basic over HTTPS)
- Required fields
- How to generate API token
- Token lifecycle
- Troubleshooting
- Frequently asked questions
- Bring your own OAuth 2.0 app
- Required fields
- Understanding Jira scopes
- How to generate credentials
- Token lifecycle
- Troubleshooting (OAuth)
- Frequently asked questions
- OAuth 2.0 Authorization code
