AWS Security ChangesHomeSearch

AWS amazonq documentation change

Service: amazonq · 2025-04-18 · Documentation medium

File: amazonq/latest/qbusiness-ug/jira-overview.md

Summary

Expanded authentication options from Basic to include OAuth 2.0 with Refresh Token Flow, added detailed credential requirements, and documented token expiration behavior

Security assessment

Adds documentation for OAuth 2.0 authentication (more secure than Basic Auth) and token management practices, but no evidence of addressing a specific security vulnerability

Diff

diff --git a/amazonq/latest/qbusiness-ug/jira-overview.md b/amazonq/latest/qbusiness-ug/jira-overview.md
index e7a405f05..22da268e4 100644
--- a//amazonq/latest/qbusiness-ug/jira-overview.md
+++ b//amazonq/latest/qbusiness-ug/jira-overview.md
@@ -11,2 +11,2 @@ Category | Feature | Support
-**Security** | **Authentication type** | Basic authentication  
-**Authentication credentials** |  **Basic authentication**
+**Security** | **Authentication type** | Basic, Basic, OAuth 2.0 with Refresh Token Flow  
+**Authentication credentials** |  For Basic authentication
@@ -14,2 +14,14 @@ Category | Feature | Support
-  * Jira ID
-  * Jira token
+  * Jira URL
+  * Jira username
+  * Password (Jira site token)
+
+For OAuth 2.0 authentication with Refresh Token Flow
+
+  * App key
+  * App secret
+  * Access token
+  * [Refresh token](https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/)
+
+###### Note
+
+Access and refresh tokens expire in 1 hour. For information on regenerating tokens, see [Atlassian Developer Documentation](https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/#faq1).