It's a good security practice to host your Jira server instances behind a firewall. This often means that you must whitelist explicitly inbound and outbound traffic to Jira for installed Marketplace applications that require it. The OKRs for Jira by Gtmhub plugin needs bidirectional communication to the Gtmhub API server. This article explains the API calls the Gtmhub Jira plugin makes and the corresponding Firewall rules that must be configured.

What API calls does the OKRs for Jira by Gtmhub plugin make

When you work with the OKRs for Jira by Gtmhub plugin there are several possible API calls:

  • When you use the plugin to select a Gtmhub OKR and link it to a Jira issue the following API calls a re made (via HTPS)

    • the first call is to fetch the sessions form the configured Gtmhub account

    • then we get the OKRs for the selected sessions

    • alternatively, we make search calls in case you use the search functionality the plugin exposes

    • once you select the desired OKR and link it to the Jira issue we make a POST request to Gtmhub and create a Task under the linked OKR. This task represents the Jira issue (so you get 360 degree view of the relation between the OKR and the Jira item).

  • Additionally, you can configure a Webhook in Jira that posts info to Gtmhub on issue update/delete so the status of the task created in gtmhub is updated dynamically when the Jira issue status is updated (Gtmhub Plugin for Jira Server | Gtmhub Help Center). That mechanism will also require outbound calls from Jira to Gtmhub.

Which URLs must be whitelisted in your firewall

You must add an FQDN rule for the following URLs, depending on the data center your Gtmhub account is hosted in:

There’s several places this might need to be instrumented, namely:

Did this answer your question?