Report Builder is available for all Jira instances (Jira Core, Jira Software, Jira Service Management) on Server, Data Center and Cloud.
Yes, there are a few roles that could be assigned to define the restrictions and assignee roles. Read more about permissions in Report Builder Report permissions
Desktop browsers:
Google Chrome (Windows and Mac) - Latest stable version supported
Safari (Mac) - Latest stable version on latest OS release supported
Mozilla Firefox (all platforms) - Latest stable version supported
Microsoft Edge - Latest stable version supported
Yes, as a part of Jira security configuration.
“IP allow listing” is available with Premium plans for Jira Software, Jira Service Management, and Confluence. Learn more about Jira Cloud plans.
Transparency is part of our DNA. Because we live by these values, we are happy to provide full insight into our Report Builder privacy policy.
Report Builder app can access only issues visible for “current user,” which means a person currently using Report Builder. Depending on the report type, the app can access:
Issues
Issue fields
Work log
Comments
The app doesn’t store any PD in our application or outside Jira.
100% Safe & Secure All data needed from Jira Cloud is processed directly in your browser and does not pass out. |
To get and modify data in Jira and Confluence, Report Builder uses public Jira and Confluence REST APIs. For example, we are getting issues and work logs to calculate the Jira Cloud REST API reports data.
Our app uses all the required Authorization and Security technologies provided by Atlassian:
https://developer.atlassian.com/cloud/jira/software/security-overview/
https://developer.atlassian.com/cloud/jira/software/security-for-connect-apps/
To develop our app, we used the Atlassian Connect framework for communications between our app and Jira. For the back end, we used NodeJS and frontend JavaScript.
Report Builder app works on the top of the Jira authentication system and supports all the available authentication settings.
Report Builder for Jira Cloud is available over SSL only. We are using a valid (not a self-signed) browser-trusted certificate, without any human intervention, and all the communications between “Client ↔︎ Jira Cloud application ↔︎ Our app” are encrypted.
We have measures in place to ensure that all the customers are logically separated so that the actions of one customer cannot compromise the data of other customers.
In the version for Jira Cloud, we use a concept that Atlassian refers to as the “tenant context” to achieve logical isolation of all the customers. This is implemented in the Atlassian Connect framework and managed by the “Tenant Context Service” (TCS). This concept ensures that:
Each customer’s data is kept logically segregated from other tenants when at rest.
Any requests processed by our app have a “tenant-specific” view, so other tenants are not impacted.
Our security monitoring includes the following:
Role-based mechanism to access all the parts of infrastructure separately.
The app creates a massive collection of event logs for analysis and investigation.
Regularly reviewing of records to improve alerting mechanisms or to manually identify security incidents.
As a part of our internal audit process, once per quarter.
Our security incident management plan is not publicly available. However, in case of any incidents, please get in touch with support@actonic.atlassian.net.