Cloud
Data Center 10.4
Versions

Secured secrets by default

System administration

On this page

In this section

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

Introduction

Jira Data Center provides default secrets encryption, featuring AES encryption with a 256-bit key to safeguard configuration data. This enhancement ensures that secret information is secured using strong encryption standards, bolstering overall system security.

If you’re using Jira 10.1 or earlier, this security feature isn’t available. See Securing a database password for your manual options, or consider upgrading.

Security Management

Jira includes a suite of tooling for managing security configurations, including key management for your default secrets encryption.

See Security management for more information.

Secured Jira secrets

By default, the following secrets are automatically secured.

In Jira:

  • Database mail server passwords

  • Database password

  • JWT web tokens

  • Cluster authentication shared key

  • External user directory passwords

In Jira automation:

  • Secret keys

In Jira Service Management (these secrets were already encrypted before Jira 10.2, and now use the external secrets solution):

  • Email password

  • Confluence Cloud API key

  • Opsgenie API key

In Assets (these secrets were already encrypted before Jira 10.2, and now use the external secrets solution):

  • Import passwords and API keys

  • Automation passwords

In DVCS:

  • OAuth client ID and secret

  • Access token

  • Webhook secret

  • Username and password

Last modified on Jan 10, 2025

Was this helpful?

Yes
No
Provide feedback about this article

In this section

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.