Audit log trail for any cURL probing organization's JIRA

C-CIQADMIN · September 20, 2023, 1:18am

Are admins capable of obtaining verbose logging details for 3rd party apps (3PA) that have a one-way API integration? E.g., from 3PA to JIRA?

Unless I missed it, I did not see any cURL connection attempts, NOR probing attempts in the audit log.

In my use case, a given ${3PA} needs access to ${companyName} JIRA org. How would I know if unauthorized hosts OR any other 3PAs are leveraging REST API tool(s) to probe https://api.atlassian.com/admin/v1/orgs/${ORG_ID} OR running cURL command such as…

curl --request GET \
  --url 'https://api.atlassian.com/admin/v1/orgs/${ORG_ID}' \
  --header 'Authorization: Bearer ${ORG_TOKEN}' \
  --header 'Accept: application/json'

dmorrow · September 20, 2023, 2:58am

Hi @C-CIQADMIN ,

Welcome to the Atlassian Developer Community.

I don’t think there is an API providing this information, but you can ask in https://community.atlassian.com/ to see if there is a product feature providing this.

Regards,
Dugald

C-CIQADMIN · September 25, 2023, 11:09pm

Thanks @dmorrow!

Think I would prefer this functionality to be built natively rather than leveraging a third-party service.