Configure OAuth 2.0 Connection for Jira Cloud

OAuth 2.0 is used for secure authentication and integration. OAuth is the only authentication type supported by Jira Cloud and ZE integration.

Configure Jira Cloud to Use OAuth 2.0

Perform the following steps to configure Jira Cloud using OAuth2:

  1. Log in to Jira as a Jira Admin user.

  2. Open the Developer console.

  3. To configure the Jira Cloud with OAuth 2.0, click Create and select OAuth 2.0 Integration.

    ZE_Screenshot_OAuthJiraCloud_01.png

  4. Enter the name of the app and click Create. You are redirected to the OAuth app page.

    ZE_Screenshot_OAuthJiraCloud_02.png

    By default, the application is set to Private, which means it can only be accessed by the user who is logged in.

  5. Select the Distribution menu to share the app and allow other users to access it.

  6. On the Distribution Screen, update the Distribution status to "Sharing" to make it accessible to other users.

  7. To configure Distribution, do the following:

    1. Click the Distribution tab, and then select Edit.

    2. Under Distribution status, select the Sharing option.

    3. In the Vendor name box, enter "Smartbear".

    4. In the Privacy box, enter the Privacy Policy URL. Refer to SmartBear Privacy Policy for more information on the URL policy.

  8.  Click Save changes.

    ZE_Screenshot_OAuthJiraCloud_03_png.png

  9. To add and configure the API scopes for your app, go to the Permissions menu.

  10. Under the API name list, select Jira API and click the Configure link.

    ZE_Screenshot_OAuthJiraCloud_04.png

    The Jira Platform Rest API screen appears.

    ZE_Screenshot_OAuthJiraCloud_05.png

  11. Click the Classic scopes tab, and then click the Edit Scopes button.

    1. Select the following permissions by clicking the options button for the following code:   

      read:jira-work   

      read:jira-user   

      write:jira-work

      manage:jira-webhook                                                                                                                    

    2. Click Save to save the selected permissions for Classic scopes. 

      ZE_Screenshot_OAuthJiraCloud_06.png

  12. Click the Granular Scopes tab, and then click the Edit Scopes button.

    1. Select the following permissions by clicking the options button for the following code:

      read:project:jira 

      read:board-scope:jira-software 

      read:epic:jira-software 

      read:sprint:jira-software 

      ZE_Screenshot_OAuthJiraCloud_7.png

    2. In the Search box, enter the permission name or code to choose the required permissions.

    3. Click Save to save the permissions for Granular scopes.

      ZE_Screenshot_OAuthJiraCloud_08.png

  13. Go to the Authorization menu, and click Add to add the authorization type for OAuth 2.0 (3LO)

  14. Enter the Callback URL in the following format, and then click Save changes

    https://<domain_name>/flex/services/rest/v3/oAuth2/callbackUrl     

    For example, https://example.yourzephyr.com/flex/services/rest/v3/oAuth2/callbackUrl 

    ZE_Screenshot_OAuthJiraCloud_09.png

    Once you save the changes, you will get the authentication details of the OAUTH2 to use while integrating with Zephyr Enterprise.

  15. Go to the Settings menu, and copy the Client ID and Secret details.

Configure the connection in Zephyr

Perform the following steps to configure the connection in Zephyr:

  1. Log in to your Zephyr Enterprise instance as a user with administrator permissions.

  2. Go to Administration, select Jira Integration. 

  3. Click the Add Jira Connectionbutton. The Add a Jira Integration screen appears. Specify the following values on it:

    1. Enter the URL of your Jira instance like https://{my-org}.atlassian.nеt.

    2. Select OAuth2 as the authentication method. 

  4. Click Next

    ZE_Screenshot_OAuthJiraCloud_10.png

    The User Details screen appears. 

  5. Enter the Client ID and Client Secret mentioned while configuring the Jira application link, and then click Next. The Connect your Jira Account screen appears.

  6. Click the link displayed on the screen to get the verification code. 

    ZE_Screenshot_OAuthJiraCloud_11.png

    This requests the authentication code from Jira. You need to grant the app access to your data in all locations where it is installed and accessible. You will be navigated to the Authorize app screen.

  7. Select the Jira account you want the app to access and click Accept to continue.

    ZE_Screenshot_OAuthJiraCloud_12.png

    Once you click Accept, the verification code appears on the next screen.

  8. Copy this verification code, switch to the Connect your Jira Account screen, and paste it into the box.

  9. Click Next. Zephyr will run the diagnostics and displays the results.

  10. Verify the Diagnostic Status, and then click Done.

    ZE_Screenshot_OAuthJiraCloud_14.png

    Jira is successfully integrated with OAuth2. You will see the newly created connection in the list of connections.

Webhooks for Zephyr integration with Jira

Webhooks are an essential part of Zephyr integration with Jira. They are used to synchronize Zephyr and Jira requirements and defects.

Webhooks can be created using either of the following methods:

  • Zephyr creates a pre-configured webhook automatically when you are mapping a project in Zephyr. You must have a Jira account with special permissions (for example, Browse Projects). You can view the created webhook in Jira settings: 

Go to Settings ZE_Screenshot_OAuthJiraCloud_15.png, select System (under Jira Settings), and then select Webhooks (under Advanced).

  • For the Automatic webhook, use the following API to check the project mappings in the JQL.

API Details: GET https://api.atlassian.com/ex/jira/{cloud_id}/rest/api/3/webhook

Example: GET https://api.atlassian.com/ex/jira/0b5ceb25-e93b-4fb7-bdc1-89a5ba8e8330//rest/api/3/webhook

Warning

Do not delete this webhook or modify its properties. It has all the required settings enabled. You can update the webhook later if required.

  • As an administrator, you can create and manage webhooks manually. This is recommended if you do not have (or do not want to create) a Jira service account with the permissions required for automatic webhook management.

For more information on Rest API for Webhooks, refer to The Jira Cloud platform REST API.

In this section:
© 2025
Publication date: