October 11-13, 2022

GitKon 2022

Git Integration for Jira Cloud Documentation

Creating Personal Access Tokens

This page contains steps for creating personal access tokens (PATs) for specific git hosts. Use the table of contents to navigate to the selected git host.

What’s on this page:

GitHub | GitHub Enterprise

If two-factor authentication is enabled for your GitHub account, you will need to create a Personal Access Token (PAT) to access your git repositories. Enable two-factor authentication in your GitHub account for increased security.

While instructions from GitHub works just fine, here are some specific instructions to get you up and running:

  1. Login to your GitHub account then go to your profile settings.

  2. On your sidebar, click Developer settings.

  3. On the following screen, click Personal access tokens on the sidebar.

  4. Generate a new personal access token (PAT) by clicking Generate new token.

  5. The following screen is displayed.

    1. On the Note field, enter a descriptive name for this PAT. For example, git-integration-for-jira.

    2. For Expiration (required), set for how long the token will expire or set it according to your organization’s rules and policies.

    3. For Select scopes, tick the repo scope (this also automatically selects all the scopes under it – keep this setting).

  6. Click Generate token to complete this setup.

  7. Copy the token (write it down or save it somewhere safe – this is the ONLY time you’ll see the token).

GitLab | GitLab CE/EE

GitLab introduced personal access tokens (PAT) since version 8.8 and now (v10+) prefers this type of authentication for accessing the git repositories.  Service users are strongly advised to switch from using username/password to using Personal Access Tokens (PAT) for GitLab.

If two-factor authentication is enabled for your GitLab account, you will need to create a PAT to access your git repositories. Enable two-factor authentication in your GitLab account for increased security.

While instructions from GitLab works just fine, here are some specific instructions to get you up and running:

  1. Login to your GitLab account then go to your profile settings (menu ➜ Profile ➜ Preferences).

  2. On the sidebar, click Access Tokens.

  3. The following screen is displayed.

    1. Give the token a descriptive Name. (For example, "Git Integration for Jira")

    2. Leave the Expiration date field blank or set the expiration date according to your organization’s rules and policies.

    3. Select the api scope.

  4. Click Create personal access token to complete this setup.

  5. Copy the token – (Write it down or be sure to save it. This is the ONLY time you’ll see the token)

In your GitLab repository account setting, the api scopes of the PAT have the ability to create branches and merge requests to specified GitLab repositories via developer panel of a Jira issue.

Azure DevOps | Visual Studio Team Services (VSTS)

Creating a personal access token will allow control on how a service user accesses specific resources from your git repositories. PATs can give you access to Azure Repos without using your username or password directly.

If you have not yet generated a personal access token (PAT):

  1. On the VSTS/Azure portal dashboard, click the user settings icon on the top right corner of the page.

  2. Click Personal access tokens. You will be taken to the Personal Access Tokens configuration page.

  3. Click (plus) New Token. The following dialog is displayed.

    1. Enter a descriptive name for your PAT. Since this is a connection to Jira, you can name it, for example, git-integration-for-jira.

    2. For the Organization, make sure to set it to All accessible organizations. IMPORTANT!

    3. Set the desired lifespan of your token. Set it to Custom defined if you want to choose a longer expiration date.

    4. On the Scopes section, set it to Custom defined.

    5. Set the Code section to Read & write.

  4. Click Create to finish creating your PAT.

When you’re done, make sure to copy and save the token. This token can be used as your password.

For personal access tokens where Organization is not set to All accessible organizations:

  • Set the Scopes section to Full Access; or

  • Set the Scopes section to Custom defined and then set the Code section to Read, Status.

As for Scopes:

  • Code (read)  –  This scope allows only to view commits and smart commits, and browse repositories (if enabled) of connected VSTS/Azure repositories inside Jira.

  • Code (read and write)  –  This scope has the Code (read) functions plus the ability to create branches and pull requests to specified VSTS/Azure repositories via developer panel of a Jira issue.

Team Foundation Server (TFS) 2017 | (TFS) 2018

TFS 2017 and newer can use personal access token for on-premises TFS installations. This will allow control on how a service user accesses specific resources from your git repositories. PATs can give you access to Azure Repos without using your username or password directly.

Follow the steps below, if you have not yet generated a personal access token (PAT) for your user account:

  1. On the TFS portal dashboard, clicking the user settings icon on the top right corner of the page then click Security.

  2. Click Add on the Personal Access Token page to see the following screen.

  3. Enter a meaningful name as Description.

  4. Set the lifespan of your token as desired.

  5. On the Authorized Scopes section, set it to Selected scopes then enable one of the settings that will be assigned to this service user:

    1. For viewing commits, smart commits and browse repositories inside Jira, the recommended scope is code (read).

    2. For having the above access privilege plus branch and pull request creation via developer panel of a Jira issue, the recommended scope is code (read and write).

  6. Click Create token to create this PAT with the specified scope.

When you’re done, make sure to copy and save the token. This token can be used as your password.

Azure DevOps Server

TFS 2017 and newer can use personal access token for on-premises Azure DevOps Server installations. This will allow control on how a service user accesses specific resources from your git repositories. PATs can give you access to Azure Repos without using your username or password directly.

Azure DevOps Server was formerly named Visual Studio Team Foundation Server (TFS).

Follow the steps below, if you have not yet generated a personal access token (PAT) for your user account:

  1. On the Azure DevOps Server portal dashboard, open the account settings by clicking the user profile icon on the top right corner of the page then click Security.

  2. On the Personal Access Token page, click (plus) Add to see the following screen.

  3. Enter a meaningful name in the Description field.

  4. Set the lifespan of the PAT as desired.

  5. On the Authorized Scopes section, set it to Selected scopes then enable one of the settings that will be assigned to this service user:

    1. For viewing commits, smart commits and browse repositories inside Jira, the recommended scope is code (read).

    2. For having the above access privilege plus branch and pull request creation via developer panel of a Jira issue, the recommended scope is code (read and write).

  6. Click Create token to create this PAT with the specified scope.

When you’re done, make sure to copy and save the token. This token can be used as your password.

AWS CodeCommit

While AWS CodeCommit does offer not personal access tokens for authentication, an IAM Access Key ID and Secret Access Key can be used in place of a personal access token. 

The following AWS CodeCommit IAM Policy actions must be granted to an IAM user to create branches and/or pull requests in the Git Integration for Jira app:

  • CodeCommit:Write:CreateBranch

  • CodeCommit:Write:CreatePullRequest

To create a new Access Key ID and Secret Access Key, go to IAM ➜ Users ➜ Security credentials ➜ Create access key.

AWS IAM only allows two Access Keys per IAM user.

We recommend that AWS administrators should not use the same IAM user’s Access Key for the Git Integration for Jira app tasks.

Have feedback about this article? Did we miss something? Let us know!
On this page