Learn more about Jira Cloud products, features, plans, and migration.
Integrate Jira Cloud with Confluence, development tools, apps, and self-hosted tools using OAuth and feature flags.
Control who has access to your Jira Cloud products and give them the right permissions to perform their role.
Learn how to set up, customize, and manage Jira Cloud projects.
Explore issues, issue types, issue custom fields, issue screens, custom field context, and issue field configurations in Jira Cloud.
Define the lifecycle of your work and learn about issue workflow schemes and the issue collector.
Learn more on how you can set up Jira Cloud for your team.
Welcome to our guide on GitHub and Jira permissions setup. This will help you understand the required permissions and events needed for GitHub to work smoothly with Jira.
By granting the GitHub for Jira app access, you are providing the following authorizations to your GitHub and Jira accounts:
Jira permission scopes
Read, write, and admin access for development information: This includes branches, commits, and pull requests.
GitHub permission scopes
Why the app needs it
Read-only access to actions
This permission enables access to theworkflow_run webhook event, providing information including artifacts_url, check_suite_id, conclusion, head_branch, and head_sha.
Read-only access to code scanning alerts/security events
To receive Github code scanning alerts in Jira, the app needs read permissions for security events. The app will listen to code_scanning_alert webhooks and send security report details to Jira. These will appear under the "Other links" tab of the Development Panel on Jira issues.
Read-only access to deployments
To see build and deployment information in Jira, the app needs read permissions for deployments. This allows it to listen to the webhook deployment_status event which occurs when a deployment is created. Read-only deployment permissions are used for the following webhooks:
Read-only access to metadata
As a mandatory requirement by GitHub, all apps have read-only metadata access by default. This is to provide access to a collection of read-only endpoints with metadata for various resources. These endpoints do not provide sensitive private repository information. Read-only metadata permissions are used for the following webhook:
Read and write access to issues and pull requests
This permission powers Smart Commit actions and allows Jira URLs to unfurl in comments. Unfurling refers to the app detecting Jira issue keys in square brackets like [ABC-123] and replacing them with respective Jira issue links.
Issues: Read and write issue permissions are used for the following webhooks:
Pull requests: Read and write pull request permissions are used for the following webhooks:
Read and write access to content (code)
Read permissions sync development information to Jira for the following webhooks:
Write permissions allow branch creation from an issue's dev panel.
Note: for GitHub Enterprise integration (where the user owns the GitHub app) "Write" permission is optional. When not provided, the "Create Branch" feature will not function.
Why the app needs it
Read-only access to members
To determine if you have admin access to a GitHub organization.
Events Our App Subscribes To
When this event occurs
Code scanning alert /security events
Code Scanning alert created, fixed in branch, or closed
A commit comment is created
A Git branch or tag is created
A Git branch or tag is deleted
A deployment is created
Activity related to an issue or pull request comment
Activity related to an issue
Activity related to pull requests
Pull request review
Activity related to pull request reviews
One or more commits are pushed to a repository branch or tag
Activity related to a repository
When a GitHub Actions workflow run is requested or completed
Was this helpful?