Activation required. AI access management must be enabled for your tenant before you can use it. To get started, contact the C1 support team for a walkthrough.
How C1 connects to Jira
C1 hosts the Jira MCP server, so your users’ AI clients only ever see MCP tools — they never call Jira directly. When an AI client calls one of these tools, C1 makes the matching request to the Jira API using the credentials you configure here, then returns the result to the AI client. The credentials you set up below are what C1 uses to call Jira on your users’ behalf.Before you begin
- AI access management must be enabled for your tenant. See Enable AI access management.
- An Atlassian account that can create an OAuth 2.0 integration. See Atlassian’s OAuth 2.0 (3LO) apps guide.
If you don’t see Jira in your MCP server catalog, contact the C1 support team to enable it for your tenant.
Create an Atlassian OAuth 2.0 integration
With per-user OAuth, you register one Atlassian OAuth 2.0 (3LO) integration and each user authorizes individually. This keeps every action attributable to the user who took it, with only the access that user already has in Jira.Sign in to the Atlassian Developer Console with your Atlassian account. For the full walkthrough, see Atlassian’s OAuth 2.0 (3LO) apps guide.
Open the Permissions tab. Next to Jira API, select Add, then Configure, and add the Jira scopes C1 needs for the operations you plan to govern, such as reading issues, projects, and users.
Open the Authorization tab. Next to OAuth 2.0 (3LO), select Configure and set the Callback URL exactly to:Select Save changes.
How Jira credentials are shared
With per-user OAuth, each user authorizes with their own Atlassian account, so tool calls run under that user’s Jira identity and inherit only the access they already have. Atlassian attributes each action to the individual user. For how shared and per-user credentials work across MCP servers, see Configure authentication.Register the Jira MCP server in C1
With your integration ready, register the server and provide your credentials.Follow Register an MCP server and select Jira from the catalog.
When you configure authentication, choose per-user OAuth and enter your integration’s client ID and client secret.
Discover and govern tools
After you register the server, C1 runs tool discovery against Jira. Discovered tools appear on the server’s Tools tab. Each tool starts as either Pending review or automatically Approved, depending on the option chosen when the server was set up or your tenant’s default tool settings in Settings > AI Connections. See Require tool approval and Default tool classification. Before anyone can call a Jira tool, it must be approved, added to a toolset, and bound to an access profile. Continue to Govern tools and toolsets to set this up.Tool discovery runs even if your credentials are incorrect, so seeing discovered tools doesn’t confirm that authentication is working. You confirm your Jira credentials when an approved user successfully calls a Jira tool from their AI client.
Manage your Jira credentials
- Rotate the OAuth client secret in the Atlassian Developer Console under your integration’s Settings tab, then update the secret on the server’s authentication settings in C1.
- Adjust access by editing the integration’s Jira scopes on the Permissions tab in the Atlassian Developer Console.