AWS amazonq documentation change
Summary
Expanded authentication options from Basic to include OAuth 2.0 with Refresh Token Flow, added detailed credential requirements, and documented token expiration behavior
Security assessment
Adds documentation for OAuth 2.0 authentication (more secure than Basic Auth) and token management practices, but no evidence of addressing a specific security vulnerability
Diff
diff --git a/amazonq/latest/qbusiness-ug/jira-overview.md b/amazonq/latest/qbusiness-ug/jira-overview.md index e7a405f05..22da268e4 100644 --- a//amazonq/latest/qbusiness-ug/jira-overview.md +++ b//amazonq/latest/qbusiness-ug/jira-overview.md @@ -11,2 +11,2 @@ Category | Feature | Support -**Security** | **Authentication type** | Basic authentication -**Authentication credentials** | **Basic authentication** +**Security** | **Authentication type** | Basic, Basic, OAuth 2.0 with Refresh Token Flow +**Authentication credentials** | For Basic authentication @@ -14,2 +14,14 @@ Category | Feature | Support - * Jira ID - * Jira token + * Jira URL + * Jira username + * Password (Jira site token) + +For OAuth 2.0 authentication with Refresh Token Flow + + * App key + * App secret + * Access token + * [Refresh token](https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/) + +###### Note + +Access and refresh tokens expire in 1 hour. For information on regenerating tokens, see [Atlassian Developer Documentation](https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/#faq1).