To securely connect Jira Cloud with Kendis, you must configure a Scope-Based OAuth 2.0 integration. This guide explains how to create and configure a Scope-Based OAuth 2.0 (3LO) API token in Jira Cloud and connect it to Kendis.
The process covers:
Creating a new OAuth 2.0 (3LO) integration in the Atlassian Developer Console.
Adding and configuring the required APIs.
Selecting the necessary granular scopes.
Setting the Kendis callback URL in Jira.
Retrieving the Client ID and Client Secret.
Creating a Scope-Based API Token.
Completing and testing the connection inside Kendis.
Jira Scope-Based API Configuration
Follow the steps below to complete your Jira Cloud Scope-Based API integration successfully.
Step 1: Create an OAuth 2.0 Integration
Go to the Atlassian Developer Console:
Click All apps, then:
Click Create.
Select OAuth 2.0 integration.
Enter your app name.
Accept the terms.
Click Create.
Step 2: Add Required APIs
Go to the Permissions tab.
Add the following APIs:
Personal Data Reporting API.
User Identity API.
Jira API.
Click Add next to each API.
Step 3: Grant Jira API Permissions
Now configure permissions inside the Jira API.
Edit and Configure Permissions
Stay in the Permissions tab.
Select Jira API.
Switch to Granular scopes.
Click Edit Scopes.
Use the search bar to find each permission.
Select the checkbox.
Click Save.
Required Granular Permissions
From the list shown in your screen, select the following permission names:
View projects
View boards, backlogs, and related items
View epics and related issues
Update epics
View sprints
Update and delete sprints
These six permissions must be selected.
After clicking Save, you should see confirmation that new scopes were added.
Step 4: Authorise App Connection
Switch to the Authorisation tab.
Click ‘Add’ action for OAuth 2.0 (3LO).
You will now need your Kendis callback URL.
Step 5: Copy Callback URL from Kendis
Go to your Kendis board.
Navigate to ALM Account.
Click Edit.
Enable Using Scope API.
Copy the displayed Callback URL.
Paste this callback URL into the Jira Authorisation tab.
Click Save Changes.
Step 6: Copy Client ID and Client Secret
Return to the Jira Developer Console.
Go to the Settings tab and copy:
Client ID.
Client Secret.
Keep these credentials secure.
Step 7: Create API Token with Scopes
In addition to OAuth configuration, you must create a Scope-Based API Token from your Atlassian account.
Access Atlassian Account
Click your Profile icon (top-right corner in Jira).
Select Manage Account.
Go to the Security tab.
Scroll to API tokens.
Click Create and manage API tokens.
Create Scope-Based API Token
Select Create API token with scopes.
Enter a descriptive name (e.g., Kendis Scope Integration).
Set the expiry date (choose the maximum allowed duration).
Click Next.
Select the App
Select Jira from the list of apps.
Click Next.
Select Required Jira Scopes
You have to manually search and select the following Jira scopes:
After selecting all required scopes:
Click Next.
Review the selected scopes carefully.
Click Create token.
Then, Click Copy.
Save the token securely (password manager recommended).
⚠️ You will not be able to view this token again after closing the window.
Step 8: Complete Setup in Kendis
Return to the Add ALM Account modal in Kendis.
Enter:
Jira Login ID (Email).
Scope-Based API Token.
Client ID.
Client Secret.
Note: Make sure that Using Scope API is enabled.
Click Test Connection.
If successful, your Jira Cloud Scope-Based OAuth connection is now established.
Setup Validation Checklist
Callback URL must match exactly.
All granular permissions must be saved before testing.
Do not share your Client Secret publicly.
Only enable permissions required for your integration.