Abstract
This app is designed to prioritize maximum data security and protection for customers and users. This document provides additional details for Jira administrators, IT professionals, and security experts.
General Architecture
The app is built using Atlassian Connect, a development framework offering both client-side and server-side components. It relies exclusively on Atlassian’s infrastructure to ensure seamless integration and security.
Client-Side
The app utilizes the Atlassian Connect JavaScript API to securely interact with Jira’s REST API. No additional network traffic or API calls are made outside of the Atlassian ecosystem.
The app relies entirely on the Atlassian Connect client. It requires no backend data storage outside of Atlassian ecosystem aside from what is required to install or load the app. The app itself is built on Angular, a modern and widely adopted web development platform, the app ensures robust performance and maintainability.
Server-Side
The server sied parts provide a secure environment for authenticating and serving the app's assets (HTML, CSS, JavaScript and images) to Jira instances. No client data is stored on the server. The server's sole function, through Atlassian Connect Express (ACE), is to securely load the app package into the client’s browser. All communications, with the exception of image files and the app’s descriptor, are authenticated with your Jira environment through Atlassian Connect Express (ACE). The serverside parts are hosted on Microsoft Azure, offering maximum performance, scalability and security.
The following diagram illustrates the app’s architectural overview
Benefit of this architecture
This app | Benefit |
---|---|
Secure installation trough Marketplace using Atlassian Connect Express (ACE). | |
Secure loading of App files into client browser using Atlassian Connect Express (ACE). | |
Secure and well maintained web framework using Angular. | |
No suspicious tracking of user activity by Google Analytics, etc. | |
No storing or processing of any data of our client outside of Atlasians infrastructure. |