Skip to main content

Jira: Quickstart

Set up the Vanta and Jira integration in minutes

Updated today

Connect Jira to Vanta so that security work your team tracks in Jira automatically counts as compliance evidence with no manual uploads required.

Note: This guide covers Jira Cloud only.

What you'll do (~10 minutes total)

  1. Enable a setting in Atlassian admin (~2 min)

  2. Connect Jira inside Vanta and authorize access (~3 min)

  3. Label your Jira issues so Vanta can track them (~2 min)

Before you begin

Confirm the following before starting:

  • You have admin access to Vanta

  • Your Jira account has Browse Projects permission on the projects you want Vanta to monitor

  • User Installed Apps is set to Allowed in Atlassian admin (see steps below)

Tip: For production use, connect with a dedicated service account instead of a personal account. See the full Connecting Jira and Vanta: Full Setup Guide for details.

Step 1: Enable user installed apps in Atlassian

Note: This setting requires Atlassian Organization Admin access. This unlocks the ability to connect third-party tools like Vanta to your Jira account. Without it, the Accept button during the OAuth flow will be greyed out and the connection cannot be completed.

  • Go to admin.atlassian.com.

  • Select your organization.

  • Expand apps → Sites, then select your site.

  • Click Connected apps → Settings.

  • Set User Installed Apps to Allowed.

  • Click Save.

Note: Navigation options may vary depending on your Atlassian version. The goal is to locate Connected Apps → Settings under your organization's site. For example, if you’re on Atlassian’s improved user management experience, go to Products → Select your site → Connected apps → Settings instead.

Step 2: Connect Jira in Vanta

  • In Vanta, navigate to Integrations.

  • Search for Jira in the Available tab.

  • Click View details.

  • Click Connect.

  • A Connected Jira Credentials modal will appear. Click Add Jira Credentials.

  • In the Link Jira modal, you can determine if you want to grant Vanta read and write access, or read access only.

Which access level should you choose?

  • Read and write (recommended): Lets you create Jira issues directly from Vanta tests. Choose this unless your security policy requires read-only.

  • Read only: Vanta monitors existing Jira issues but cannot create new ones from Vanta.

  • Then you must provide your Atlassian site URL.

How to find your Atlassian site URL:

Note: You may have a different version of Atlassian which may cause variation in the following setup steps or website screenshots.

  • Click on the 4-square icon in Atlassian

  • Expand Jira

  • Select the organization you want to connect

  • That brings you to Jira. The URL there contains the site URL needed for the Link Jira modal in Vanta.

  • You should see the Atlassian authorization screen in your browser.

Once you have provided your Atlassian site URL, click Connect Jira.

Step 3: Authorize the connection

  • Once you have completed the steps above, it will bring you to the following screen.

  • Be sure the right organization is selected in the dropdown for Use app on.

  • Review the requested permissions.

  • Click Accept.

  • You should see: A redirect back to Vanta with Jira showing as Connected.

Step 4: Label your security issues in Jira

Vanta automatically looks for Jira issues labeled security or Security by default — both casings are handled for you.

Add this label to any issue you want Vanta to pick up as compliance evidence.

  • Open an issue in Jira

  • In the Labels field, select security or Security from the dropdown

  • Repeat for any other issues you want Vanta to track

Tip: You can add the security label to issues in bulk using Jira's bulk edit feature. You can also add it to new issues going forward as part of your team's workflow.

  • Using a different label? You can change the default in Vanta → Integrations → Jira → Manage → Task Tracking Labels. See the full guide for details.

Step 5: Verify tasks are appearing in Vanta

  • In Vanta, navigate to Tests and filter the All resource monitoring tab by integration.

  • Select Jira as the integration filter.

  • Then click on any security-related test that appears (e.g. a test that tracks whether security issues are resolved within your SLA).

  • You’ll land on the results tab by default.

  • If Jira issues with your configured label are being pulled in, you’ll see them listed under a header like “{18} issues need remediation.

Don't see anything yet? Sync is not instant. Most issues appear within 1-2 hours of connecting, though it can take longer for very large Jira instances.

You’re connected

Once your Jira issues are appearing in Vanta, your integration is working. From here, your team can continue working in Jira as normal. Vanta will now sync matching Jira issues automatically. No further action needed.

Troubleshooting

Accept button is greyed out during setup

  • Likely cause: The Atlassian admin setting for User Installed Apps is not enabled.

  • Fix: Return to your Atlassian admin console and confirm User Installed Apps is set to Allowed, then retry the connection.

Tasks are not appearing in Vanta after setup

  • Likely cause: The Jira issue is missing the required security label in the correct field.

  • Fix: Confirm the label has been added to the Labels field on the Jira issue — not in a comment or the description field. Allow a few hours for the initial sync to complete.

Additional resources

To create Jira issues directly from Vanta tests or configure advanced settings, see the Jira Integration Guide.

For issues not covered here, Contact Vanta Support or refer to the troubleshooting section of the full guide.