Webhooks are not sent from Jira Service Management Automation rules

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

   

Summary

Webhooks are not sent from Jira Service Management (JSM) automation rules, even though the automation logs are showing that the automation was successful.

(warning) Note that the issue only occurs with the JSM Automation module (configured in Project Setting > Automation), not with the automation module from the Automation for Jira add-on (which is configure in Project Settings > Project Automation). If you are using Automation for Jira, this KB article does not apply to you.

Environment

Service Management 4.6.0 or any version above.

Diagnosis

  • An JSM automation rule is configured in Project Setting > Automation to send a webhook
  • When the automation rule is triggered, the automation logs are showing that the webhook was successfully sent
  • However, in reality, the webhook was never sent
  • In the Jira application logs, the following warning can be seen at the time the automation rule was triggered:

    2021-09-24 11:16:57,521+0200 PsmqAsyncExecutors-then:thread-24 WARN someuser 594x940x1 1er25nu 0:0:0:0:0:0:0:1 /secure/DeleteComment.jspa [c.a.s.p.a.i.e.engine.asyncthen.AsyncThenJobProcessor] Failed executing ThenAction com.atlassian.servicedesk.plugins.automation.webhook.rulethen.WebhookThenAction asynchronously: 'Invalid URL, not permitted by the system whitelist'

Cause

Due to security concern, from JSM 4.6.0, the automation module was updated in a way that it will only send a webhook to an URL if this URL has been whitelisted, as per this developer community discussion. For this reason, whenever a new automation rule is configured to sent a webhook, it is necessary to whitelist the webhook URL in the page ⚙ > System > Allowlist (also called ⚙ > System > Whitelist in Jira 8.13.3 or higher versions) for the automation to send the webhook. Otherwise, the automation will not be executed.

The fact that the JSM automation rule always shows a SUCCESS in the logs regardless if the webhook was sent or not is actually a bug, which is tracked in this public bug ticket: Service Desk webhooks that fail indicate success. So, because of this bug, the automation logs will always show a success, which is of course misleading.

Solution

Whenever a new automation rule is configured to sent a webhook, it is necessary to whitelist the webhook URL in the page  ⚙ > System > Allowlist (also called ⚙ > System > Whitelist in Jira 8.13.3 or higher versions), as shown in the screenshot below. Please note that it is not necessary to tick the "Allow incoming" option in this case.

(warning) Important note: if you are using Jira 8.13.3 or any higher version, it is necessary to tick the Allow anonymous users option for the automation rule to work.

  • This is what the configuration should look like in Jira 8.13.2 and lower versions:



  • This is what the configuration should look like in Jira 8.13.3 and higher versions:

Last modified on Oct 5, 2021

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.