Configure Jira with Password Safe Ticket System

You can integrate Jira with Password Safe requests so that Jira ticket numbers provided on requests can be validated. To configure Jira with Password Safe, you must:

  • Create a connector in BeyondInsight to your Jira instance.
  • Create a functional account for the Jira platform.
  • Create a Jira ticket system in the Password Safe system configuration.

Create Jira Ticket System Connector

  1. In the BeyondInsight Console, go to Configuration > General > Connectors.
  2. In the Connectors pane, click Create New Connector.
  3. Enter a name for the connector.
  4. Select Jira Ticket System connector from the Connector Type dropdown.
  5. Click Create Connector.
  6. Set the Jira Connector options as follows:
    • Connector Name: The connector name can be any name.
    • Instance URL: The full URL for the Jira instance.
    • User name: Enter your user name. For hosted Jira, this is your email address. For local Jira, this is your user name.
    • Password: Enter your Jira password. For hosted Jira, you must create an API key for the password. The credentials are used only on this configuration page to test connectivity.
    • Ticket Field Mappings: Add field mappings to further validate tickets. You can map against Password Safe checkout start and end date and the system being accessed, as well as literal values, which is useful for validating the ticket state. User name is validated separately. Available fields can vary per Jira instance.
  7. Click Test Connector to ensure connectivity to your Jira instance is successful.
  8. Click Create Connector to save.

Create the Functional Account

Follow the steps below to create the functional account.

There are two types of Jira environments: hosted (cloud) and local (on-premises). Some steps require slightly different actions depending on the Jira environment you use.

  1. In BeyondInsight, go to Configuration > Privileged Access Management > Functional Accounts.
  2. Click Create New Functional Account.

Create a functional account - Jira

  1. Under Type, select Ticket System.
  2. Select Jira from the Platform list.
  3. Enter your username.
    • For hosted Jira, this is your email address.
    • For local Jira, this is your user name.
  4. Enter the full URL for the Jira instance in the Domain field.
    • For local Jira, add the suffix /Jira to the domain name.
  5. Enter your Jira password.
    • For hosted Jira, you must create an API key for the password.
  6. Enter an Alias and a short Description, if desired.
  7. In the Search Connectors dropdown menu, select the Jira connector (created using the process above).
  8. Select a Workgroup.
  9. Click Create Functional Account when done.

Create the Ticket System

Once the functional account is created, you can create the ticket system by following the steps below.

Create Jira ticket

  1. In BeyondInsight, go to Configuration > Privileged Access Management > Ticket Systems.
  2. From the Ticket Systems pane, click Create New Ticket System.
  1. Select Jira Ticket System from the Platform list.
  2. Select the Functional Account you just created.
  3. Enter a name for the ticket system.
  4. Optionally, you can also enter a Description, Access Policy Certificate Common Name, and an Access Policy Code.
  5. Click the toggles to enable the features you want. The options are:
    • Auto Approve on Ticket Number Validation
    • Enable Emergency Approval Without Ticket Number
    • Make Ticket System the Default
  6. Click Create Ticket System when done.

 

For any tickets verified using this ticket system, you must ensure within the Jira web portal that the Requester is populated in the Assignee field. The User ID must match the Password Safe User ID for local or on premises Jira environments. For hosted or cloud Jira environments, the email address entered must match the email address of the BeyondInsight user.