...
Working on a support issue we only access the minimum data needed to resolve the issue.
Product Security
Users get access to the App only by logging into Jira. The App uses the Atlassian Connect that relies on HTTPS and JWT authentication to secure communication between the App, the Atlassian product, and the user.
Please learn more about Atlassian Connect security.
Приложение хранит данные аутентификации к серверам TeamCity в зашифрованном виде. Шифрование и дешифрование происходит с помощью механизма AWS Encryption SDK. У разработчиков нет доступа к ключу шифрования. Ротация ключа шифрования происходит каждый год. Аутентификация в TeamCity происходит с помощью basic HTTP authentication.
Permissions
The maximum set of actions TeamCity Integration for Jira app may perform is expressed in the scopes in the App descriptor and is presented to the administrator during installation. This security level is enforced by Atlassian Connect and cannot be bypassed by app implementations.
Here is the list of all used scopes:
READ- View, browse, and read information from Jira.WRITE- Create or edit content in Jira, but not delete content.DELETE- Delete content in Jira.
Learn more in the scopes documentation.
...