Outlook add-in: Analyze Connectivity Issues for Jira Server / Data Center
Connection from Outlook to Jira Server can be challenging as you have full control about the software and hardware. This page is a collection of common reasons.
All recommendations are JIRA SERVER only.
Cause 1: Jira behind SSO or 2FA solution
See this dedicated support article related to Single Sign On solutions: Outlook add-in: Connect with SSO / 2FA
Cause 2: App not installed in Jira
In case you are trying to logon to a private Jira Server or Data Center system from the Office add-in, and the corresponding app from the Marketplace is not installed, it might not work. In general, for licensing reasons it’s required to have the app installed anyway, so you’ll need to get in touch with your Jira administrator about this.
In case you still want to test first, before getting in touch, you can try using the COM add-in, which will allow you a 30 day trial without having anything configured in Jira (this only works if you don’t have any SSO installed).
Cause 3: Reverse Proxy
Background information
If you cannot connect to Jira at all, it is most likely that a Reverse Proxy is adding security headers to every call, or removing important headers (like the Authorization header) we send.
Problematic headers your reverse proxy should not set on the response are:
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Content-Security-Policy | frame-ancestors 'self' |
As of Jira 7.6 these headers are not necessary anymore to add by the reverse proxy because Jira automatically sets them: https://confluence.atlassian.com/jirakb/security-headers-in-jira-939919914.html
Solution
Make sure our connectivity URL does not have the security headers set.
<Jira URL>/plugins/servlet/jiraforoutlook/proxy
To investigate the headers, we recommend the Chrome DevTools.
Open the page above in Chrome, open the DevTools (F12) and check the Network Tab.
Make sure the headers mentioned above are not listed as Response Headers
Cause 4: Invalid SSL
The app requires a valid, trusted SSL certificate.
If you run Jira with a self-signed certificate, you’ll need to make sure the certificate and the corresponding Root CA is properly installed for the machine (not only for the current user)
It is not enough to just add an exception for the browser like the following:
Cause 5: Localhost
Currently it is not possible to connect to localhost from the Office add-in. Please consider using the COM add-in.