JiBrok Studio for Jira CloudPart of the Administration reference. API Restrictions | Admin Tools | Audit Logs
API whitelist/blacklist
Control which Jira REST API endpoints scripts can access.
Global whitelist
- Disabled by default (all endpoints allowed)
- Enable to enforce pattern-based URL restrictions
- Patterns use glob syntax (e.g.,
/rest/api/3/issue/**) - API Catalog for quickly adding common endpoint groups
- Reset to defaults restores the original whitelist
Global blacklist
- Disabled by default (nothing blocked)
- Enable to block matching patterns
- Blacklist is checked before whitelist
- Useful for blocking sensitive endpoints while allowing everything else
Custom API restrictions
Create named whitelist/blacklist profiles for per-script restrictions:
- Custom Whitelists - named profiles with endpoint patterns, assigned to specific scripts in their Config tab. A script must pass both the global whitelist AND its custom whitelist.
- Custom Blacklists - named profiles assigned to specific scripts. Blacklist checked before whitelist at the script level.
- See Limits for profile and entry limits
Next steps
- Administration - Core settings overview
- Admin Tools - Script usage, import/export, health check
- Limits - All system limits
