Set up a Jira Cloud data store

This page describes how to create a data store and connect Jira Cloud to Gemini Enterprise.

Before you begin

Ensure the following before you set up your Jira Cloud federated connection:

Grant the Discovery Engine Editor role (roles/discoveryengine.editor). This role is required for the user to create the data store. To grant this role, do the following:
1. In the Google Cloud console, go to the IAM page.
  Go to IAM
2. Locate the user account and click the edit Edit icon.
3. Grant the Discovery Engine Editor role to the user. For more information, see IAM roles and permissions.
To enforce data source access control and secure data in Google Gemini Enterprise, configure your identity provider.
To set up the Jira Cloud connector, you must use the new centralized Atlassian user management model. If you are using the original model, you need to migrate your user management before proceeding. For more information, see Site administrator role.
Create an OAuth 2.0 app, obtain the client ID and secret, and configure the minimum application permissions with the consent of a Jira Cloud administrator. Verify that you have Jira organization administrator access to the Jira instance and project. With the organization administrator access, you can set up minimum permissions and provide access privileges to user groups.
Optional: To retrieve user email addresses from Jira Cloud, even when settings restrict email visibility, install the User Identity Accessor for Jira Cloud app with Jira Site administrator privileges to install and configure it to securely retrieve user email addresses. You might not need to install this app if email addresses are already publicly accessible.

Note: Atlassian is updating user interface elements, and some elements mentioned in this documentation are being renamed (for example, Products is being renamed to Apps). For more information, see Atlassian Administration terminology change from "products" to "apps".

Create Jira Cloud data store

To create a Jira Cloud data store, perform the following steps:

In the Google Cloud console, go to the Gemini Enterprise page.

Gemini Enterprise
Select or create a Google Cloud project.

Note: To access the unified flow, your project must be on the allowlist.
In the navigation menu, click Data stores.
Click Create data store.
In the Source section, search for Jira Cloud, and click Select.
In the Data section:
1. In the Connector mode section, select Data ingestion or Federated search as the connection mode.
Public preview: The federated search and actions features are in public preview. This feature is subject to the "Pre-GA Offerings Terms" in the General Service Terms section of the Service Specific Terms. Pre-GA features are available "as is" and might have limited support. For more information, see the launch stage descriptions.
1. Click Continue.
2. In the Authentication settings section, configure authentication based on your chosen connection mode.
  1. Provide the following authentication details:
    - Client ID
    - Client secret
    - Instance URI
    - Instance ID
    For more information about credentials, see Jira Cloud configuration.
  2. If you selected Federated search, click Login and complete the Atlassian sign-in.
  3. Click Continue.
3. In the Destinations section, enter the URL to your Jira Cloud endpoint.
4. Click Continue.
5. In the Entities to search (if you selected Federated search) or Entities to sync (if you selected Data ingestion) section:
  1. Select all the required entities.
  2. If you selected Federated search, proceed to the next step.
  3. If you selected Data ingestion, continue with the following steps:
    1. Optional: To sync specific projects, do the following:
      1. Click Filter.
      2. To filter entities out of the index, select the Exclude from the index checkbox, or to ensure that they are included in the index, select the Include to the index checkbox.
      3. Enter the keys. Press enter after each key.
      4. Click Save.
    2. To configure the sync schedule, do the following:
      1. In the Sync frequency list, select the sync frequency.
        
        To schedule separate full syncs of entity and identity data, expand the menu in the Full sync section and then select Custom options.
      2. In the Incremental sync frequency list, select the incremental sync frequency. For more information, see Sync schedules.
Click Continue.
In the Actions section:
1. If you selected Federated search:
  1. From Select Jira Cloud actions to enable, select the actions from the category to enable them for the connector.
2. If you selected Data ingestion:
  1. In the Authentication settings section, configure authentication based on your chosen connection mode.
  2. Provide the following authentication details:
    - Client ID
    - Client Secret
    - Instance URI
    - Instance ID
    For more information about credentials, see Jira Cloud configuration.
  3. Click Login and sign-in to Jira Cloud to verify your account.
  4. Click Continue.
  5. From Select Jira Cloud actions to enable, select the actions from the category to enable them for the connector.
  Note: If you skip adding actions in this step, you must create a new data store to add actions. To view the list of actions, see View actions.
In the Configuration section:
1. From the Multi-region list, select the location for your data connector.
2. In the Data connector name field, enter a name for your connector.
3. If you selected US or EU as the location, configure the Encryption settings:
  - Optional: If you haven't configured single-region keys, click Go to settings page to do so. For more information, see Register a single-region key for third-party connectors.
  - Select Google-managed encryption key or Cloud KMS key.
  - If you selected Cloud KMS key:
    - In the Key management type list, select the appropriate type.
    - In the Cloud KMS key list, select the key.
  For more information, see Customer-managed encryption keys.
Click Continue.
In the Billing section, select General pricing or Configurable pricing. For more information, see Verify the billing status of your projects and Licenses.
Click Create. Gemini Enterprise creates your data store and displays your data stores on the Data Stores page.

On the Data Stores page, click your data store name to see the status. After the data store state changes from Creating to Active, the Jira Cloud connector is ready to be used.

For an ingestion connector created with Jira Cloud, the data store state transitions from Creating to Running upon synchronization initiation. It then changes to Active once ingestion is complete, signifying that the data store is fully configured. Depending on data volume, ingestion may require several hours.

After creating the data store, create an app, connect it to the Jira Cloud data store, and authorize Gemini Enterprise to access Jira Cloud before executing any queries.

Enable real-time sync for data ingestion

Real-time sync only syncs document entities and doesn't sync data related to identity entities. The following table shows which document events are supported with real-time sync.

Jira entities	Create	Update	Delete	Permission changes
Issues
Worklogs
Projects
Comments
Attachments

To enable real-time sync for a Jira Cloud data source connector, follow these steps:

Generate a webhook URL

Navigate to the Gemini Enterprise page, and in the navigation menu, click Data Stores.
Select a Jira Cloud data store.
Click View/Edit in the Realtime sync row.
In the View and edit realtime sync parameters dialog, do the following:
1. To turn on real-time sync, click the Enable realtime sync toggle.
2. Enter a value in the Client secret field and copy it. You need this value again when creating a webhook in the Jira administration console.
3. Click Save.
After the status of Realtime sync changes to Running, click View/Edit.
In the View and edit realtime sync parameters dialog, do the following:
1. Copy the Webhook URL.
2. Click Close.

Create a webhook

Sign in to the Jira administration console.
Click Settings and select System.
In the System settings pane, select Webhooks.
Click Create a webhook. For information about webhooks, see Webhooks.
Enter a name for the webhook.
Select the Status as Enabled.
In the URL field, paste the URL copied from Gemini Enterprise and append /{issue.id}.
In the Secret field, enter the same value you entered when generating a webhook URL in Gemini Enterprise.

Note: To verify data consistency and prevent errors when configuring webhooks in Jira, only select entities that are enabled for sync in your data store.
In the Issue related events section, select the following options:

Entities Created Updated Deleted

Issue Yes Yes Yes

Worklog Yes Yes Yes

Comment Yes Yes Yes

Attachment Yes No Yes
In the Project related events section, select the created, updated, and deleted checkboxes for the Project entity.
Click Create.

Entities	Created	Updated	Deleted
Issue	Yes	Yes	Yes
Worklog	Yes	Yes	Yes
Comment	Yes	Yes	Yes
Attachment	Yes	No	Yes

Data handling and query execution

This section describes how Gemini Enterprise manages your query and the privacy implications of using the federated data store.

Query execution

After you authorize Jira Cloud and send a search query to Gemini Enterprise:

Gemini Enterprise sends your search query directly to the Atlassian API.
Gemini Enterprise blends the results with those from other connected data sources and displays a comprehensive search result.

Data handling

When using third-party federated search, the following data handling rules apply:

Your query string is sent to the third-party search backend (Atlassian API).
These third parties may associate queries with your identity.
If multiple federated search data sources are enabled, the query might be sent to all of them.
Once the data reaches the third-party system, it is governed by that system's terms of service and privacy policies.

What's next

To provide a user interface for querying your Jira Cloud data, create an app and connect it to the Jira Cloud data store.
To view the list of actions, see View actions.
To preview how your search results appear after your app is set up, see Get search results.
To enable alerts for the data store, see Configure alerts for third-party data stores.