atlassian

This MCP server provides OAuth2-based access to Atlassian services (Jira and Confluence) and exposes a small set of programmatic tools that a Claude-like agent can invoke over an MCP SSE endpoint. After configuring and running the server, you authenticate with Atlassian to grant the app access to your Jira and Confluence data. On successful OAuth, the app stores encrypted access and refresh tokens in PostgreSQL and returns a connection token (principalName) that your agent uses to call the tools on behalf of the authenticated user. The available tools include Jira operations (getIssue, createIssue, updateIssueSummary) and Confluence actions (searchConfluencePages, getConfluencePageContent, getConfluenceSpaces, createConfluencePage). The tools are registered via the AtlassianService bean and are invoked through the MCP server’s SSE interface, enabling an LLM agent to compose requests that leverage your Jira/Confluence data without exposing direct REST endpoints.

To use it, first start the server (as described in the installation section) and complete the Atlassian OAuth flow by visiting the home page (default: http://localhost:8080/). After consent, you’ll see a connection token on the success page. Copy this token into your agent configuration so the agent can perform Jira and Confluence operations on behalf of your principal. When your agent calls the MCP SSE endpoint, specify the desired Atlassian tool (e.g., getIssue, createIssue, searchConfluencePages) and the required parameters; the server will handle token refreshing as needed and call the Atlassian APIs using the stored credentials.

Prerequisites:

• Java 17 (or newer compatible with the project)
• Maven (or the provided mvnw wrapper) for building
• PostgreSQL or another JDBC-compatible DB
• Atlassian OAuth app credentials (client id and secret)

Step-by-step installation:

1. Install and run a PostgreSQL database (example with Docker):

# Quick Postgres instance (optional if you already have a DB)
docker run --name jira-pg -e POSTGRES_USER=myuser -e POSTGRES_PASSWORD=mysecretpassword -e POSTGRES_DB=jiratokensdb -p 5432:5432 -d postgres:15

2. Set required environment variables (adjust values to your environment):

export ATLASSIAN_CLIENT_ID=your_atlassian_client_id
export ATLASSIAN_CLIENT_SECRET=your_atlassian_client_secret
export ATLASSIAN_CALLBACK_URL=http://localhost:8080/auth/atlassian/callback
# optional
export JASYPT_ENCRYPTOR_PASSWORD=change_this_securely
export SPRING_DATASOURCE_URL=jdbc:postgresql://localhost:5432/jiratokensdb
export SPRING_DATASOURCE_USERNAME=myuser
export SPRING_DATASOURCE_PASSWORD=mysecretpassword

3. Build the application (project uses Maven Wrapper):

./mvnw clean package -DskipTests

4. Run the application (fat jar):

java -jar target/*.jar

5. Access the app in your browser:

• Home page: http://localhost:8080/
• Initiate OAuth by clicking the Atlassian connect option, complete consent, and retrieve the connection token shown on the success page.

Notes:

• If you prefer Docker deployment, you can package and run a container image and override environment variables accordingly.
• Update your Atlassian OAuth app scopes to include offline_access and necessary Confluence/Jira scopes.

Tips and troubleshooting:

• Ensure the callback URL exactly matches what you configure in your Atlassian developer console (scheme, host, port, path).
• Confirm your Atlassian OAuth app includes offline_access to receive refresh tokens and the Confluence scopes you need (e.g., read:confluence-content, search:confluence, write scopes for creating pages).
• If you encounter 401 errors when calling Confluence APIs, verify the scopes returned during token exchange and that the app has the required scopes configured; logs will show the returned scopes from Atlassian.
• The app stores encrypted tokens in the configured database; ensure your jasypt password is kept secure and not committed.
• To inspect raw Atlassian responses (status/headers/body) enable verbose logging for Confluence calls in your logging configuration.
• For local development, a docker-compose.yml is provided to spin up PostgreSQL easily; remember to set Atlassian credentials in a local .env file or environment variables before starting the app.