Service impacting changes: GDPR for Jira Cloud / Legacy Connector EOL Impact

By Jason posted 01-04-2019 10:45


Document Changelog -

03/18/2019 EDIT - Atlassian Extends by 1 MONTH ONLY from 03/29 to 04/29 - do not delay redeploys! -JBrown
03/04/2019 EDIT - Opshub GDPR compliant v7.11 available for use -JBrown
02/11/2019 EDIT - Final Tasktop (18.4.21/4.16.21) releases avail. - JBrown
02/05/2019 EDIT - Tasktop TIH v18.1.42, 18.2.38, 18.3.28 avail by request / JIH v4.13.42, 4.14.38, 4.15.28 - JBrown
01/22/2019 EDIT - Tasktop TIH 19.1.2 / JIH 4.17.2 downloads avail (see links below) - JBrown 
01/17/2019 EDIT - TaskTop service versions and release dates announced - JBrown
01/08/2019 EDIT - Applied new information to Hub versions and availability estimates -JBrown

Jama-Jira-LogoUpcoming Atlassian change

What this means for Admins:

  • All Admins should review their existing Jama to Jira user linking strategy as the risk of impact due to this GDPR change is High.
  • Jira Cloud users – Review the information and begin planning for migration to GDPR supported Opshub and Tasktop versions (when released). Failure to migrate may cause sync downtime if user data is included in a shared data element.
  • Jira Self Hosted – While these changes do not impact Self-hosted (non-cloud) Jira users, this info should be included in review for future local update planning. 
  • Jama's Legacy Jira Connector users Will NOT receive adapter code updates due to previously announced End of Life (EOL)
    See notes below about this change and EOL reminder info!

Earlier in 2018 Atlassian announced modifications to how user data is shared, in effort to follow GDPR. An end date (Extended to 04/29/2019) has been announced, indicating that deprecating user data fields will be completely removed from Jira Cloud API responses. Provided below is a snippet of the official announcement from Atlassian followed by an external link to the complete announcement:

  • By (Extended) 29 April 2019, we will remove personal data from the API that is used to identify users, such as username and userKey, and instead use the Atlassian account ID (accountId). Additionally, will be restricting the visibility of other personal data, such as email, in conjunction with a user’s profile privacy settings, or in the case of managed account, the visibility settings decided by the site administrator.

Technical Actions


Opshub orgs - 
The Opshub OIM version supporting the Atlassian AccountID (OIM V7.11) is available now!
  • OnPrem redeployment to this version will be required in order to get the new code updates.
  • Hosted deployments need to be scheduled with the Opshub team
  • Redeploy is expected to be Mainly Automated with minimal to manual effort to accommodate the change.
  • Contact Services Operatons ( prior to March 13th, 2019 on required next steps.

Tasktop TIH/JIH/Sync orgs - 
The Tasktop service versions supporting the Atlassian AccountID are available. 
  • OnPrem redeployment to this version will be required in order to get the new code updates. Due to the sheer number of Tasktop revisions available, only Specific revisions of Tasktop will include the GDPR updates SEE BELOW. 
  • Customers must upgrade their Tasktop instance to one of the following versions before April 29th, 2019:

    • DOWNLOAD - Latest releases - Tasktop Integration Hub 19.1.2+ or JIH/Tasktop Sync 4.17.2+ 
    • Older Releases - Tasktop Integration Hub Service Releases on 18.1-18.4 or Tasktop Sync 4.13-4.16

    • Customers should follow the upgrade path for their organization's configuration to determine the correct timing and version number for their upgrade. Upgrade instructions specific to these changes are available here. 

Other Suggested Actions

Scenario: Active user removal
Synchronizing data between services with “created by” and “modified by” comes with some difficulties where a user removed from only one system can leave conflict actions or errors. This scenario will be worsened with the new changes as GDPR allows a user to hide their “Display name” and email address. This could leave some tickets with only an AccountID for display.

Instead, Jama suggests using an admin account as the default for all Sync functions and rely on the object trace and History to see who and what changes were made. (eg: changed by “Opshub sync” or “Tasktop sync”)

Scenario: Jira Sync User allows GDPR data
As a sync commonly requires email information for Federating Data hubs to function, the Primary sync user should manually be adjusted to allow email permissions in the Jira user privacy data.

Jama Jira Connector orgs (Legacy JLC) - 
Early in 2018 Jama announced that end of support for the Legacy Jira Connector (04/30/2019). 
Due to the Atlassian change, Jama Legacy EOL support for onPrem (self-hosted) users of the connector will still be the last day of April, but Jama will NOT be making changes to the retiring code. As such, April 2019 will be out of support for all Legacy users, but March will cause strong immediate impact to Jira Cloud users who sync users.
  • Jama STRONGLY RECOMMENDS that customers actively using the Legacy Jira Connector select an alternative connector (such as Opshub or Tasktop).
    • Please reach out to your Account Manager and immediately begin redeployment efforts. In the planning phases, make sure to account for an additional redeployment when the Atlassian changes are available for the hub provider of your choice. 
    • Orgs who have access to the Legacy Connector but DO NOT use it should reach out to your Account Manager and let us know.
    • Waiting until the Hub services release the GDPR versions to begin conversations is not recommended as this will put strain on your timeline.
  • On-Premises (self-hosted) Jira users should not ignore this messaging as future Jira updates locally will be impacted and the Legacy connector will be out of support.