AFAIK requests from Jira to our apps contain a JWT token that you can use to determine which customer is making the request.