Skip to main content

Jira upgrade steps

As part of your upgrade from Acunetix to Invicti Platform, please review your Jira integration authentication method and custom fields.

This step ensures your Issue Creator connection continues working without interruption after the upgrade.

This guide explains what's changed and what you might need to update.

Jira Data Center end of life

Atlassian has announced that Jira Data Center will reach end of life on March 28, 2029. After this date, Data Center products will become read-only and no longer receive support or updates.

Key milestones:

  • March 30, 2026: No new Data Center subscriptions for new customers; phased support begins.
  • March 30, 2028: Last date for existing customers to purchase new Data Center app licenses or extensions.
  • March 28, 2029: Final End of Life. All Data Center instances go read-only.

Invicti will continue supporting customers with paid Jira Data Center subscriptions, but we encourage you to start planning your migration to Jira Cloud or consider other issue tracking solutions.

1. Why you need to review your authentication method

In Invicti Platform we've deprecated some of the less secure authentication types that Acunetix used. To prevent issue creation failures, please confirm your Jira integration uses a supported authentication method.

2. What has changed?

Authentication options in Acunetix (Before upgrade)

Acunetix offered four options:

  • HTTP Basic Token ✔️ Supported
  • HTTP Basic (Deprecated) ❌ Not supported in Invicti Platform
  • Cookie (Deprecated) ❌ Not supported
  • OAuth (Deprecated) ❌ Not supported

Authentication options in Invicti Platform (After upgrade)

Invicti Platform supports:

  • Basic Authentication: Jira email address + Jira API Token
  • OAuth 2.0 (3-legged OAuth): requires you to consent the connection

In most cases, you should use Basic Authentication with a Jira API token (not your password!).

Token longevity

  • API Tokens: Jira allows you to configure API tokens with an expiry date of up to a year. After the expiry date you will need to rotate your token and update it in your integration.
  • OAuth 2.0: Jira issues short-lived access tokens that are automatically refreshed by Invicti Platform without requiring reconsent. However, Jira imposes a hard limit of one year, after which you will be required to re-authenticate your integration.

3. What you need to do

✔️ If you used "HTTP basic token" in Acunetix

You're already using a supported method!

Just verify that we correctly carried over these fields in Invicti Platform:

  • Jira email address
  • Jira API Token

If everything looks correct, you don't need to take any further action.

❗ If you used any deprecated method in Acunetix

These methods won't work in Invicti Platform:

  • HTTP Basic (Deprecated)
  • Cookie Authentication
  • OAuth (Legacy)

You'll need to switch to Basic Authentication using a Jira API Token. You can also use OAuth 2.0 authentication.

OAuth 2.0 for Invicti Platform Cloud

If you have a license for Invicti Platform Cloud (https://platform.invicti.com), select OAuth 2.0 in the authentication screen. You will be redirected to Atlassian's OAuth 2.0 consent screen. Once you agree to allow Invicti Platform to post work items on your behalf, you will be redirected back to the integration screen.

OAuth 2.0 for Invicti Platform On-Premises

If you have a license for Invicti Platform On-Premises (self-hosted), you need to configure your own Client ID and Client Secret, as on-premises installations are considered separate applications. Follow the Set up Jira OAuth 2.0 for Invicti Platform on-premises guide for instructions. You will be required to enter your Client ID and Client Secret in Invicti Platform when configuring the OAuth 2.0 integration.

4. How to update your Jira authentication (if needed)

Step 1: Create a Jira API token

  1. Go to https://id.atlassian.com/manage-profile/security/api-tokens. You may need to log in to your Atlassian account first.
  2. Click Create API Token.
  3. Give it a name (for example, "Invicti Integration") and an expiry date.
  4. Copy your new API token.

Step 2: Configure Jira integration in Invicti Platform

  1. Navigate to SettingsIntegrationsIssue TrackersJira.
  2. Click Edit.
  3. Select Basic Authentication.
  4. Enter:
    • Email: Your Jira email address
    • Access Token: The token you created above
  5. Click Next. Invicti Platform will automatically attempt to connect to Jira. If it fails, you will see an error message. If it succeeds, you will see the list of Jira projects.
  6. Click Next, then Save.

5. Verify your setup

After you save the updated configuration:

  1. Create a quick test scan (or use an existing vulnerability).
  2. Try sending an issue to Jira.
  3. Confirm the issue appears in the correct Jira project.

If something doesn't work, our support team is here to help.

6. How we handle Jira fields during upgrade

During the upgrade, Invicti Platform checks every Jira field you previously configured in Acunetix. We only carry over fields that currently exist in your Jira instance.

If a field doesn't exist in Jira (or no longer exists), Invicti Platform excludes it from the upgrade to prevent integration errors.

Why some fields might appear "missing"

If you notice a field from Acunetix isn't visible in Invicti Platform's Jira configuration, it's always because:

  • The field doesn't exist in Jira (it was removed, renamed, or belongs to another project/issue type)
  • The field isn't available for the specific project or issue type you've configured in the integration

Invicti Platform hides non-existent fields by design to ensure clean, valid configurations.

7. What to do about missing fields

In most cases, you don't need to take any action. If you believe a field should exist:

  1. Check the field's availability in Jira.
  2. If you recently added or modified the field, refresh the field list by editing your Jira integration settings in Invicti Platform.

Need Help?

Invicti Support team is ready to provide you with technical help. Go to Help Center

Last updated on
Was this page useful?