# Jira ### Overview You can use the Jira Veza Action to automatically create a ticket when Veza detects changes in relationships or properties of entities in Access Graph. You can set Jira as the destination for alert notifications by configuring a [Rule](/4yItIzMvkpAvMVFAamTf/features/insights/rules-and-alerts.md) for a [Saved Query](/4yItIzMvkpAvMVFAamTf/features/search/saved-queries.md). Access Reviews support Jira as a destination when a rejected row is signed-off, enabling other teams to track and follow up on remediation actions. ### Requirements To configure the connection, you will need: * A Jira user with permission to create tickets in a specified project. * This user will also need permission to set any issue fields configured in the Additional Fields step. * A username for the Jira user. * In Jira Cloud, the username is the email address associated with the desired user. * In Jira Data Center, the username is *not* an email address. Jira Data Center APIs require the proper Username for the user. * An access token for the Jira user. * In Jira Cloud, this is an [API token](https://support.atlassian.com/atlassian-account/docs/manage-api-tokens-for-your-atlassian-account/). * In Jira Data Center, this is a [Personal Access Token (PAT)](https://confluence.atlassian.com/enterprise/using-personal-access-tokens-1026032365.html). * A Jira project code (such as `EAC`). * (optional) A Jira username of a user to assign tickets to. This can be the same as the user created for the Veza Action. ### Configure Jira Veza Action Add a connection to Jira Cloud or Data Center on the Veza **Veza Actions** page: 1. Click **Add Veza Action** > **Jira**. 2. Enter the required details: * `Name` (required): Friendly name to identify the connection on the **Veza Actions** page. * `Host` (required): URL of the Jira application, for example, `https://your-org.atlassian.net`. * `Username` (required): Jira username for creating tickets, set as the *reporter* in Jira. * `Token` (required): Jira API token for the Veza Action user. * `Project` (required): Project to create the issue (for example `TMP`). * `Issue Type` (required): [Type](https://support.atlassian.com/jira-cloud-administration/docs/what-are-issue-types/) of the created issue (e.g. `bug`). * `Default Assignee` (optional): Jira username to assign tickets created by the Veza Action user. 3. Click **Next** to configure optional Additional Fields. * `System Fields` are standardized Jira-defined fields (e.g. `Component`). * `Custom Fields` are unique to each Jira instance, with behavior defined by their individual [custom field type](https://support.atlassian.com/jira-cloud-administration/docs/custom-fields-types-in-company-managed-projects/). 4. Click **Next** to test configuration. Click **Create Veza Action** to save it. ### Example notifications The content of each Jira ticket depends on which Veza feature triggered it. Below are examples of the ticket title and description for each supported message type. #### Remediation (query) When a user remediates a risky query, Veza creates a ticket like: **Title**: `[Veza Action] Medium Severity: AWS IAM Roles with S3 update permissions` **Description** (Jira markup): ```md The query "AWS IAM Roles with S3 update permissions" returned 12 results. Severity: Medium Triggered By: Jane Smith Triggered Time: Apr 17, 2026, 2:21:00 PM UTC Query Name: AWS IAM Roles with S3 update permissions Query Source: AwsIamRole Query Destination: S3Bucket Query Link: [AWS IAM Roles with S3 update permissions|https://your-tenant.veza.cloud/app/assessments/f300f690-91c9-4bfd-bd71-eeb399fdce82] Notes: Please review and remove unused permissions by end of sprint. Please note that you must authenticate to the Veza platform to access the link. If you have any trouble accessing the link, please contact your Veza administrator. ``` #### Remediation (dashboard) When a user remediates from a dashboard, the description references the dashboard instead: **Title**: `[Veza Action] AWS Access Risk Dashboard` **Description** (Jira markup): ```md The dashboard "AWS Access Risk Dashboard" triggered a remediation action. Triggered By: Jane Smith Triggered Time: Apr 17, 2026, 2:21:00 PM UTC Dashboard Name: AWS Access Risk Dashboard Dashboard Link: [AWS Access Risk Dashboard|https://your-tenant.veza.cloud/assessments/reports/def456] Notes: Q1 review — escalate any critical findings. Please note that you must authenticate to the Veza platform to access the link. If you have any trouble accessing the link, please contact your Veza administrator. ``` #### Shared query or dashboard When a user shares a query or dashboard, the ticket includes the sharer's name and an optional note: **Title**: `Notification - 2026-02-19 18:30:00 UTC` **Description** (Jira markup): ```md *Jane Smith* has shared a query with you. *Note:* FYI — this query covers the new S3 buckets. *Query:* [Publicly Accessible S3 Buckets|https://your-tenant.veza.cloud/assessments/queries/ghi789] *Description:* Identifies S3 buckets with public read or write ACLs. Please note that you must authenticate to the Veza platform to access the link. If you have any trouble accessing the link, please contact your Veza administrator. ``` #### Alert rule When an alert rule fires and the Jira Veza Action is selected as the delivery destination, Veza creates a ticket with the rule summary and entity details: **Title**: `[Veza Alert - Low] slack rule 5` **Description** (Jira markup): ```md This alert was triggered because the query AWS IAM Roles with S3 update permissions returned 12 results, which exceeded the threshold of 2 Rule Name : slack rule 5 Severity : low Time Triggered : Apr 17, 2026, 2:13:36 PM UTC Query Name : AWS IAM Roles with S3 update permissions Query Source : AWS IAM Role Query Destination : S3 Bucket Review Query Results : [AWS IAM Roles with S3 update permissions|https://your-tenant.veza.cloud/app/assessments/f300f690-91c9-4bfd-bd71-eeb399fdce82] What triggered this alert? See full alert details in Veza: [View Alert|https://your-tenant.veza.cloud/app/alerts?rule=019d9bc9-19d3-7942-98d0-6da76182baa6&alert_id=019d9bca-3fe5-769a-bfb3-9c8cf30c6ee3] ``` **Attachment**: A `details.json` file containing the full alert payload (matching the [webhook payload structure](/4yItIzMvkpAvMVFAamTf/administration/administration/notifications/destinations/webhooks.md#webhook-payloads)) with complete entity details, added/removed nodes, and property changes. {% hint style="info" %} Remediation and sharing notifications use a fixed message format. Alert notifications include a formatted description with entity details and a JSON attachment. None of these formats are customizable. {% endhint %} ### Limitations and troubleshooting: * An error will occur if your Jira configuration requires unsupported fields to create issues in a project. * Veza currently only supports a subset of System Fields and Custom Field Types. This subset is represented in the available selectors in the wizard. * Custom issue types are not currently supported. Issues can have any basic issue type (typically "Task" or "Bug"). * **Reporter field error when assigning a user**: If ticket creation fails after setting a **Default Assignee**, verify that the **Reporter** field is included on the project's "Create Issue" screen. Jira requires the Reporter field on the create screen to accept ticket submissions from the Veza service account. * **Jira Cloud**: Go to **Project Settings** > **Screens** and add the Reporter field to the Create Issue screen. * **Jira Data Center**: Go to **Jira Settings** > **Issues** > **Screens**, find the Create Issue screen for the project, and add the Reporter field. See [Defining a screen](https://confluence.atlassian.com/adminjiraserver/defining-a-screen-938847288.html) in the Jira documentation. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.veza.com/4yItIzMvkpAvMVFAamTf/administration/administration/notifications/destinations/jira.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.