What is an application link?
The application link is the technical feature to connect an external application to Jira with OAuth 1.0a.
As of now, it is the most secure way to connect with Jira. Basically you can imagine an application link as a door to Jira. You open it to allow Outlook Email for Jira access to your instance - and you can close it anytime when it is not needed anymore.
This way your user and your data stay safe. You might have noticed: when using Confluence (or any other Atlassian product) next to Jira, it is also connected with an application link.
One special about the application link created for Outlook Email for Jira: it is only an incoming link. Usually an application link has an outgoing and incoming part, which makes a lot of sense when you want to connect another application like Confluence.
In the case of Outlook Email for Jira, it only needs one direction: Read and write data from Outlook to Jira. At no time, Outlook Email for Jira sends data to external servers automatically or any external service gets access to your Jira system.
Benefits of using an application link
Technically we could just support username and password - and it would work in most cases just fine. So why do we bother you with an application link? The reason is simple: it is more secure.
First and most important: we never get in touch with your user’s passwords. The same password might be used elsewhere. Using the application link with oAuth, we get a separate token from Jira for each user that is using the app. And every request is singed with a one-time token making replay attacks by a man-in-the-middle impossible.
Secondly, it is a well-known Jira standard technology and it works with most SSO solutions. No need to hand out passwords, just to connect Outlook with Jira.
And lastly, it can always delete the application link (= close the door) and all accesses are invoked. This gives you full control just in case something bad happens.
Issues in upgrade report
The latest Jira upgrades come with an dedicated upgrade report. They run a kind of health check after the upgrade to see if everything has worked correctly.
Most of the time, the application link for Outlook Email for Jira will raise a warning. You can safely ignore it.
It recognizes that the URL for the application link is not a valid one. This is intended as the application link is only inbound and used by all Outlook clients to connect to Jira. Where should the URL point to?
Warnings in the log files
Some customers reports some warnings in the log files like this:
Registering failure for stream provider <Application Link Name> due to error other
This is also caused by the incoming-only application link.
Again, you can safely ignore them.