{"id":"ankitranjan5-atlassian-mcp-server","name":"atlassian-mcp-server","homepage":null,"repo_url":"https://github.com/ankitranjan5/atlassian-mcp-server","category":"infrastructure","subcategories":[],"tags":["mcp","spring-boot","oauth2","atlassian","jira","confluence","llm-tools","sse","postgres"],"what_it_does":"Provides a Spring Boot MCP (SSE-based) server that performs Atlassian OAuth2 (Jira + Confluence Cloud), stores encrypted tokens in a database, refreshes tokens automatically, and exposes MCP “tools” for Jira issue operations and Confluence page/space operations.","use_cases":["Jira issue retrieval/creation/update via an LLM agent","Confluence page search and content retrieval/summarization via an LLM agent","Creating Confluence pages from agent-generated content","Building agent workflows that act on a user’s Atlassian account after OAuth consent"],"not_for":["Multi-tenant environments without strong isolation controls for per-principal tokens","Highly compliance-sensitive deployments that require documented security posture and auditability beyond the README","Public unauthenticated exposure of the MCP endpoint without additional network controls"],"best_when":"You can run a local or private Spring Boot service, complete Atlassian OAuth consent for the target user, and then let an agent call the exposed MCP tools using the connection token.","avoid_when":"You need turnkey hosted SaaS reliability/SLA, or you can’t securely manage encryption passwords, database credentials, and per-user access tokens.","alternatives":["Use Atlassian official REST APIs directly from your agent with your own OAuth flow","Use an existing Atlassian integration platform (Zapier/Make/n8n) with agent orchestration","Build a dedicated MCP server using Atlassian REST APIs and your own token storage/refresh layer"],"af_score":53.5,"security_score":67.0,"reliability_score":17.5,"package_type":"mcp_server","discovery_source":["github"],"priority":"low","status":"evaluated","version_evaluated":null,"last_evaluated":"2026-04-04T20:01:55.296082+00:00","interface":{"has_rest_api":false,"has_graphql":false,"has_grpc":false,"has_mcp_server":true,"mcp_server_url":"http://localhost:8080/sse","has_sdk":false,"sdk_languages":[],"openapi_spec_url":null,"webhooks":false},"auth":{"methods":["OAuth2 authorization_code (Atlassian)","Bearer Authorization header using an Atlassian connection token (principalName/UUID) for MCP tool calls"],"oauth":true,"scopes":true,"notes":"Flow described includes Atlassian OAuth2 token exchange with offline_access for refresh tokens; tool access is mediated by a short-lived connection token shown post-consent."},"pricing":{"model":null,"free_tier_exists":false,"free_tier_limits":null,"paid_tiers":[],"requires_credit_card":false,"estimated_workload_costs":null,"notes":"No pricing information provided; appears self-hosted (infrastructure cost = your compute + DB + Atlassian API usage under your Atlassian app limits)."},"requirements":{"requires_signup":false,"requires_credit_card":false,"domain_verification":false,"data_residency":[],"compliance":[],"min_contract":null},"agent_readiness":{"af_score":53.5,"security_score":67.0,"reliability_score":17.5,"mcp_server_quality":80.0,"documentation_accuracy":65.0,"error_message_quality":0.0,"error_message_notes":null,"auth_complexity":45.0,"rate_limit_clarity":5.0,"tls_enforcement":80.0,"auth_strength":70.0,"scope_granularity":60.0,"dependency_hygiene":50.0,"secret_handling":70.0,"security_notes":"Security is partially addressed via encrypted token storage (Jasypt) and storing refresh/access tokens in a database. However, the README does not describe TLS enforcement requirements for the app endpoint, detailed token lifecycle/expiry semantics for the connection token, token revocation behavior, CSRF protections for OAuth callback endpoints, database encryption-at-rest controls, or dependency/CVE hygiene. It also instructs enabling logs for raw HTTP response debugging, which can risk leaking sensitive details if log redaction is not implemented.","uptime_documented":0.0,"version_stability":30.0,"breaking_changes_history":0.0,"error_recovery":40.0,"idempotency_support":"false","idempotency_notes":null,"pagination_style":"none","retry_guidance_documented":false,"known_agent_gotchas":["OAuth scopes must be correctly configured for Jira/Confluence; 401s may indicate missing/incorrect scopes","The agent must use the connection token (principalName/UUID) produced after OAuth success; expired/incorrect tokens will fail tool calls","The README references enabling logs for debugging raw Confluence HTTP responses; agents may need log visibility for troubleshooting","MCP transport is SSE; ensure the agent/client supports SSE and that endpoint access (including headers like Authorization) is configured correctly"]}}