Loading

Data 360 Integration Guide: Connecting Data 360 to Jira Cloud via OAuth 2.0

Publiceringsdatum: Dec 19, 2025
Beskrivning

This guide serves as the definitive walkthrough for connecting Data 360 to Jira Cloud. By following the phases below, you will navigate the common pitfalls, such as the critical audience parameter and scope definitions, to ensure a successful ingestion setup.

Phase 1: Configure Atlassian (Jira) App

  1. Log in to the Atlassian Developer Console.

  2. Click Create > OAuth 2.0 integration. Name it (e.g., "Salesforce D360 Connect").

  3. Navigate to Permissions > Jira API > Add.

  4. Critical: Click Configure and add these specific scopes:

    • read:jira-work

    • read:jira-user

    • offline_access (Required to maintain connection without constant re-login)

  5. Navigate to Settings. Copy the Client ID and Secret. Keep this tab open.

Phase 2: Create Salesforce Auth. Provider

  1. In Salesforce Setup, search for Auth. Providers.

  2. Click New > Open ID Connect.

  3. Enter the Configuration:

  4. Save. Copy the generated Callback URL.

Phase 3: Finalize Atlassian Setup

  1. Return to the Atlassian Console > Settings > Authorization.

  2. Paste the Callback URL from Salesforce.

  3. Save changes.

Phase 4: Create External & Named Credentials

  1. Create External Credential:

    • Go to Named Credentials > External Credentials > New.

    • Protocol: OAuth 2.0 | Flow: Browser Flow.

    • Auth Provider: Select provider created in Phase 2.

    • Add Principal: Scroll down, click New. Name it Jira_Principal.

    • Authenticate: Click the Actions arrow on the Principal row > Authenticate. Log in to Jira and authorize access.

  2. Create Named Credential:

    • Go to Named Credentials > New.

    • Label: Jira API.

    • URL: https://api.atlassian.com

    • External Credential: Select the credential created above.

    • Generate Authorization Header: Checked.

 

Phase 5: Set Up the Data Cloud Connection

This step bridges the gap between the Named Credential setup and the Data Cloud application. For the most up-to-date official steps, refer to the Salesforce Developer Documentation: Set Up a Jira Structured Connection.

  1. Navigate to Data Cloud Setup:

    • Click the Gear Icon > Data Cloud Setup.

    • Under Configuration, select Connectors.

  2. Initiate Connection:

    • On the Source tab, locate Jira and click New (or Next).

  3. Enter Details:

    • Connection Name: Enter a user-friendly name (e.g., Jira_Production).

    • Connection API Name: Enter a unique API name.

  4. Authentication & URL:

    • Authentication Method: Select Named Credential from the dropdown.

    • Named Credential: Select the Jira API credential created in Phase 4.

    • Connection URL: Enter the base URL of your Jira site.

      • Format: https://{yoursitename}.atlassian.net

  5. Finalize:

    • Click Test Configuration to verify the handshake.

    • Click Save.

Result: The connection is now active, and you can begin creating Data Streams.

Lösning

Troubleshooting Guide

 

Scenario 1: Error: 403 Forbidden (During Authentication)

You click "Authenticate" on the Principal, log in to Jira, but Salesforce displays a generic "403 Forbidden" or protocol error. 

Root Cause: Missing Audience Parameter.

Fix:

  1. Edit your Auth. Provider in Salesforce.

  2. Ensure Authorize Endpoint URL includes ?audience=api.atlassian.com at the end.

 

Scenario 2: Error: DATA_SOURCE [40003] Unauthorized; scope does not match

Authentication works, but API calls fail when trying to read data. 

Root Cause: The token lacks the permission for the requested action.

Fix:

  1. Update the Auth. Provider "Default Scopes" to include read:jira-work or manage:jira-project.

  2. Re-Authenticate: Go to External Credentials > Principal > Authenticate to regenerate the token with the new scopes.

 

Scenario 3: Error: INVALID_ACCESS when querying [Boards]

You can query certain objects, but querying certain objects (eg. Boards) returns an access error.

Root Cause: The Integration User cannot see the Saved Filter that powers the board.

Fix:

  1. In Jira, go to Board Settings > General.

  2. Click Edit Filter Shares.

  3. Share the filter with the Integration User (or "Any logged-in user").

  4. Also verify the user has Browse Projects permission in Jira.

Special Considerations:

When ingesting data into Salesforce Data 360, it is critical to understand that access is controlled by two layers: the Jira Permissions and the OAuth App Scopes.

In many cases, ingestion fails or returns partial data not because the user lacks access, but because the OAuth 2.0 App itself was not granted the necessary permission scopes during setup.

  • How it works: Data 360 is limited by the strict list of scopes defined in your Atlassian App (e.g., read:jira-work, read:jira-user).

  • Your Integration User might be a Jira Admin who can see everything in the UI, but Data 360 still fails to ingest specific objects (like Users or Development Information).

  • Even if the user is an Admin, if the OAuth App lacks the read:jira-user scope, the API will redact user data (returning nulls or empty lists) when Data 360 makes the call.

Resolution:

If an object is not ingestible or specific fields (like email addresses or assignee names) are missing, it may not be a simple user permission issue.

  1. Check App Scopes First: Go to the Atlassian Developer Console and ensure your App has every scope required for the data you are trying to pull (e.g., read:jira-user for people, read:jira-work for tickets).

  2. Re-Authenticate: If you add a new scope in Atlassian, you MUST update the Salesforce Auth Provider and re-authenticate the External Credential to generate a new token with those privileges.

  3. Check User Access: Once scopes are confirmed, then verify that the specific Integration User has the granular Jira permissions (like Browse Projects) to see the records.

Knowledge-artikelnummer

005237338

 
Laddar
Salesforce Help | Article